60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page60

Digital Trust & Security Working Group Jean-Pierre TUAL, WG President [email protected] GEMALTO

“2012 has been again a very successful year for the Digital Trust & Security Working Group, consolidating the portfolio of R&D projects, ensuring proper outcome of already completed projects and extending the cooperation with several French and European clusters. The challenges highlighted by the Thematic Group in the field of DT&S and described in its 2013-2018 roadmap are to provide the methodological frameworks, components and solutions needed (especially at ICT level) to ensure trust and security in highly complex environments, such as critical infrastructures (transportation, energy distribution and other vital infrastructure), decision-making centers, smart-city infrastructure, complex transactional systems (e-government, e-commerce, communication networks, payment systems), and of course customer or citizen centric ICT environments. Several ambitious projects have been started last year (such as Homere+, PISCO, Virtualis) to address some of these new challenges. No doubt that these projects have all the qualities to generate the innovative secure and trusted products of tomorrow. As competitiveness clusters are now asked to accelerate the transition from “project factories” to “innovative products factories”, it is also interesting to consider the already achieved “success stories” generated by the Thematic Group, including Dictao, HGH, Evitech, Civitec and LMS Imagine as spotlighted in the “Systematic Success Stories leaflet”; these companies represent bright examples of SMEs whose business development has been boosted by collaborative project originated with our Cluster. Concerning National and European collaborations in 2012, the DT&S Working Group has been deeply involved in the elaboration of most of the National Security Roadmaps -including Digital Identity, Critical Infrastructure protection, Cybersecurity, Videoprotection, a national initiative supported by the Public Authorities from France which gathered most of the French industrial and academic actors in the field of Global Security. At the international level, we successfully concluded the European INTERREG project “Signature”, that involved four European Security clusters (including Systematic) and which has been a key tool to stimulate SMEs participation to leading international collaborative research and innovation projects in the area of security. But European collaborations are not over as from 2013, Systematic and more precisely DT&S will participate to a new European project, MAPPS, aimed at stimulating French-German cooperation in the area of civil security research. No doubt that, capitalizing on these successes and on the dynamism of its members, 2013 will be again a great and successful year for our Working Group, especially considering the raising importance of digital trust and security in almost all activities from our daily personal or professional lives."

60

60-133 Security 2013_Mise en page 1 27/05/13 09:08 Page61

NEW CHALLENGES Citizens, companies, institutions, policy-makers and governments are facing a new set of risks (Seveso, health, natural, terrorism and cyber-terrorism, organized crime...) amplified by the major changes of our society: development of megacities; widespread e-commerce and e-government, globalization of trade and services, generalization of user and data mobility. These risks are related to:

◗ The concentration and mobility of large groups of peo-

◗ The raising concerns of users, citizens and organiza-

ple in sensitive areas (public places, railway stations, airports): as a matter of example, 3 billion passengers transit annually in the 30 largest airports in the world.

tions in front of possible privacy flaws in the management of their personal or critical data by external systems. The development of new concepts such as mobility or cloud-computing is especially creating new concerns in this area

◗ The growing dependence of our society in Information and Communications technologies (ICT), that are playing an increasing role in almost all areas of practical life (health and wellbeing, commerce, citizenship, industry, transportation, trade, finance...).

◗ The globalization of electronic transactions (trade, finance, etc...) in an ever increasing complex, ubiquitous and virtualized ICT environment, hence vulnerable to massive fraud or cyber risks and in which it becomes always more challenging to create and maintain trust and confidence among the various stakeholder.

The above mentioned security risks cannot be treated without significant innovations or breakthroughs in both SW technology, methodological framework, architecture and components, demonstrating the final ability to ensure a trustworthy management of the large complex systems addressed in the Working Group. They must also address some critical social or societal challenges such as privacy by design, impact of new technologies on organizational or educational processes, e-inclusion and children/minor protection.

THE DIGITAL TRUST & SECURITY WORKING GROUP WITHIN SYSTEMATIC The Digital Trust & Security Working Group is positioned on five technology areas, called “Development Axes”:

◗ R&D Financed Projects: 73 ◗ Partners: 153 including:

◗ Critical infrastructure protection ◗ Trusted infrastructure for smart-cities ◗ Digital trust for the citizen ◗ Trust and transactional security in large systems,

• 81 SMEs • 7 Enterprises of Intermediate Size • 42 Large companies • 23 Research institutes and universities

fraud management

◗ Total investment: 321.8 M2

◗ Common technologies for multi-risk management, resilience, human and societal issues

Jean-Louis SZABO,

Johan D’HOSE,

WG Vice-President [email protected] CEA

Representative of Permanent Secretariat [email protected] SYSTEMATIC

Steering Committee Members ALCATEL-LUCENT CEA SACLAY DEVERYWARE DICTAO EADS INNOVATION WORKS EOLANE EVIDIAN GEMALTO GENIGRAPH INRIA ROCQUENCOURT INSTITUT MINES TELECOM IRT SYSTEMX MORPHO ORANGE THALES UNIVERSITE DE TECHNOLOGIE DE TROYES

Abdullatif SHIKFA Jean-Louis SZABO Stephane SCHMOLL Olivier CLEMOT Louis GRANBOULAN Laurent BARATIER Thierry WINTER Jean-Pierre TUAL Didier PLAS Brigitte DUEME Hervé DEBAR François STEPHAN Samuel VINSON Thierry BARITAUD Emmanuel MICONNET Patrick LALLEMENT

[email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

Digital Trust & Security WG

61

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page62

Critical Infrastructure protection

Electro-assisted diamond based detectors for actinides spectrometry in aqueous solution

In the ActiFind project, we propose to realize a novel sensor platform to probe the activity of trace levels of actinide contaminants in water. So far, no system exists that is enabling the measurement of radioactive water in a portable, easy to handle system that can be established for early stage detection of “nuclear attacks” as well as for permanent water quality monitoring.The technique will allow saving substantial time during the analytical process by combining within one single device the following functionalities; water-pre-cleaning fluidic system to up-grate the liquid for characterization; electro-precipitating cathode used to accumulate actinides ions as solid hydroxides onto an immersed detector for alpha radioactivity monitoring; postmeasurement cleaning of the sensor (“set-back”) for multiple detection applications.

ON GOING PROJECT

CONTACT Jacques DE SANOIT CEA LIST +33 (0)1 69 08 86 75 [email protected]

PARTNERS

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS

Large companies: CANBERRA FRANCE

Our approach is unique and applies for the first time electro-precipitation as initial step (see for example, J. de Sanoit, M. Pomorski et C. Mer., Détecteur alpha électrochimiquement assisté pour la mesure nucléaire en milieu liquide et procédé associé. French Patent # 1058150, 7th October 2010). The ActiFind project will aim at optimization of devices and to tune required technologies with respect to market requirements.

Research institutes, universities: CEA LIST, IRSN

◗ Diamond electrodes will be deposited on large area wafers (typically 6“ in diameter) after the processing of alpha-particle detectors.

◗ The counter and reference electrodes will be integrated into the sensor surface, to allow easy and reproducible detection.

◗ To make these sensors reliable, the electrodes will be contacted from the back-side using the Bosch etching process in combination with metallization.

◗ The sensor will be mounted on a glass substrate to be placed in the fluidic system for detection.

◗ The fluidic system will be applied to

Coordinator: CEA LIST Call: ANR Start date: April 2012 Duration: 36 months

handle the liquid that is to be analyzed and if necessary pre-clean a part of or the whole sample.

Global budget (M2): 1.5

◗ A post-measurement electrode cleaning will be applied to “setback” the sensor to detection cycles which is required for long term applications.

Funding (M2): 0.6

STATUS - MAIN PROJECT OUTCOMES The system has been so far demonstrated experimentally in our laboratory. In this research project, we intend to miniaturize and to combine the detection-elements into a technologically developed sensor system for commercial applications. This preliminary sensor from CEA-LIST was developed on an internal CEA budget for trace detection in waste waters.

Digital Trust & Security WG

62

PROJECT DATA

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page63

Trust and security in large transactional systems - Cybersecurity and fraud prevention

ADMIN PROXY

Certified security software project for identity and access management, users strong authentication, password management and traceability

COMPLETED PROJECT

CONTACT

The goals of the AdminProxy project are:

◗ to provide a centralized network access control mechanism to IT resources allowing for an SSO capability, meaning that with the same password the user can launch different services requiring distinct credentials.

◗ to develop the architecture along with the proxies for some selected protocols including ssh, telnet, rdp, and https.

Vincent DURANT IF RESEARCH WALLIX +33 (0)1 53 42 12 92 [email protected]

◗ to provide auditing, analysis, reporting, and tracing services on top of the architecture enabling a transparent access control.

◗ to evaluate and certify the resulting core architecture. ◗ to test and experiment the resulting prototype.

PROGRESS BEYOND THE STATE OF THE ART The project has allowed to develop a new performing version of an rdp proxy, with a dynamic construction of the movie of what displayed on the screen of the Windows administrator from the registered rdp flow. The most important technical breakthrough was the develoment of a pilot of an https proxy that record the administration flow. An other significant progress is a prototype of a tool of network discovery.

PARTNERS SMEs: ECLIPSE-ALTERWAY, IF RESEARCH WALLIX, MANDRIVA, OPPIDA, UNIVERSAL FLOWER (AQUARELLE GROUP) Research institutes, universities: LIP6 (AT THE BEGINNING)

PROJECT DATA Coordinator: IF RESEARCH WALLIX Call: FUI6 Start date: September 2008 Duration: 24 months Global budget (M2): 3.5 Funding (M2): 1.6

MAJOR PROJECT OUTCOMES ◗ Publications: "Integrity cookie management" by the LIP6 laboratory on 2010, October 18th.

◗ Product(s): The results of AdminProxy Project have been integrated by Wallix in the version 3.0 of Wallix AdminBastion, which has encountered a large success on the Market Place (about 3 M€ turnover today).

◗ Job creation: This project allowed all in all the creation of 7 full-time jobs for all the partners.

Digital Trust & Security WG

63

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page64

Trust and security in large transactional systems - Cybersecurity and fraud prevention

ADS+

Architecture de diffusion Sécurisé de Services

ADS+ is an innovative project of 10.000 man/days labelled by the French Competitiveness Clusters TES and Systematic with the support of PICOM. ADS+ is led by a Consortium of 13 companies and research laboratories. It started in March 2010 following the APP FUI9 call of the French governmental framework to sponsor innovation. Its main goals are to design and validate an open and standard architecture for IP POI (Point of Interaction) with a thin client approach. The main deliveries of ADS+ are: • State of the art survey (payment, loyalty, POI managment), • List of requirements (functional, security, performance, economic, …), • ADS+ architecture specification, • Use cases global design, • ADS+ component interfaces detailed specification, including the protocol between POI's client and server.

PROGRESS BEYOND THE STATE OF THE ART

CONTACT Jean-Claude BARBEZANGE ATOS WORLDLINE +33 (0)2 54 44 72 58 jean-claude.barbezange @atos.net

PARTNERS Large companies: ATOS WORLDLINE, CEV GROUP, GEMALTO GROUPEMENT CB, INGENICO (XIRING) Intermediate size enterprises: GALIT SMEs: ELITT, MERCURY TECHNOLOGIES

Design and publication of ADS+ open and standard architecture for POI with the introduction of infrastructure services to authenticate and manage POI terminal. First version of open and secure ADS+ protocol endorsed by EPASOrg for publication and standardisation to ISO. Design and publication of TLS extension protocol to take in charge device authentication by PUF technology maned DHZKP protocol. Experimentation of ADS+ architecture implementation with live pilot with small merchands and regional bank.

Research institutes, universities: CEA LIST, ENSI CAEN, HEI LILLE

PROJECT DATA Coordinator: ATOS WORLDLINE Co-label: TES Call: FUI9 Start date: April 2010 Duration: 30 months

MAJOR PROJECT OUTCOMES

Global budget (M2): 6.1

◗ Publications:

Funding (M2): 2.1

• ADS+ Protocol Specification • ADS+ Architecture specification • DHZKP protocol for PUF.

◗ Business creation: mPOS offer

Digital Trust & Security WG

64

COMPLETED PROJECT

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page65

Trusted Infrastructure for smart cities

Ambulance communicante ON GOING PROJECT

AmbuCom is a great scope project enabling to redesign the current first aid ambulance in an ambulance which will integrate natively many communicating tools enabling the transfer of medical information to control rooms. AmbuCom project will position the ambulance as a key link within the emergency decision-making process. The goal of this communicating ambulance project is to bring one answer, among many others, to the issue of medical desertification, to improve the consideration of patients, to facilitate the exchange of information between the field and regulating doctors and to have technical answers to the steady increase of operational demand for people rescue.

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS ◗ The consortium is going to develop interoperable and integrated communicating tools ◗

◗ ◗ ◗

in order to make the ambulance a key link within the emergency decision-making process. A "universal communication box" will be developed and will play a central role as it will enable to get and gather all the data from the different analysis parameters available to the rescue staff, and to transfer this data through secure communication means to coordinating doctors based in control rooms. The "universal communication box" will be linked to compatible communicating medical devices. The objective of the consortium will be to propose a range of compatible equipments for non-equipped vehicles. A specialized assistance will be proposed to the user thanks to embedded software support tools featuring an avatar making the input of medical data at the same time as the operator. Regarding the operational management center, an application tool will summarize and give priority to information able to make easier the regulation and the consideration of patients, according to criterias and procedures defined beforehand by medical staff.

CONTACT David VILLACASTIN TPL SYSTEMES +33 (0)6 20 44 33 37 david.villacastin @tplsystemes.com

PARTNERS Intermediate size enterprises: CASSIDIAN SAS, SDIS 13 SMEs: GROUPE GIFA, INTERGRAPH FRANCE, PARSYS TÉLÉMÉDECINE, TPL SYSTEMES Research institutes, universities: ARMINES ALES, CEA LIST

PROJECT DATA Coordinator: TPL SYSTEMES Co-label: ID4CAR, PÔLE RISQUES Call: FUI14 Start date: November 2012 Duration: 36 months Global budget (M2): 3.9 Funding (M2): 1.3

STATUS - MAIN PROJECT OUTCOMES ◗ The average potential outcome by vehicle is forecasted at 20 000 €, whatever the type of vehicle to equip (8000 € for communication equipments, 8000 € for medical equipments, 2000 € for software licenses including diagnosis assistance, 2000 € for integration costs). ◗ The objective is to equip about 1000 vehicles per year, representing a turnover of 20 M€.

Digital Trust & Security WG

65

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page66

Critical Infrastructure protection

ASPIC

Aide par la Simulation à la Protection des Infrastructures Critiques

◗ The goal of the ASPIC project is to develop the demonstrator of a help tool for the positioning and deployment of sensors in order to optimize the protection of critical infrastructure (airport, railway station, subway) in front of CBRN and fire threats.

◗ This tool allows to locate sensors in a 3D virtual site, to check their threat coverage and their response to simulated chemical or fire threats. This demonstrator implements as well a human behaviour module that allows to estimate the human damages due to a threat according to various scenarios.

COMPLETED PROJECT

CONTACT Laurens DUDRAGNE THALES COMMUNICATIONS & SECURITY +33 (0)1 73 32 21 44 laurens.dudragne@thalesgroup .com

PROGRESS BEYOND THE STATE OF THE ART ◗ Help tool to design a detec-

PARTNERS

tion system to mitigate CBRN impact.

Large companies: BULL, THALES COMMUNICATIONS & SECURITY

◗ Assessment of the CBRN impact on human being and countermeasures evaluation

Intermediate size enterprises: BERTIN TECHNOLOGIES

MAJOR PROJECT OUTCOMES

SMEs: PARALLEL GEOMETRY

◗ Product(s) or Service(s):

Research institutes, universities: INERIS

The application allows the design of a detection system (number of sensors, location, time to detect). According to the deployed sensor network and alert detection time calculated for a given threat, the simulation allows: • To assess CBRN impact on human being. • To verify the countermeasures efficiency (air extraction, evacuation order). From a technical point of view, thanks to this first version of simulation tool we were able to: - 1 Determine the calculation power needed for a realistic simulation; - 2 Verify the relevance of the models and the required level of exactness; - 3 Verify the relevance of the simulation of human behaviors; - 4 Estimate the ergonomics necessary for the tool in case of non-specialist end-user. For site safety/security purpose, this tool allows a sensitization of critical sites manager in front of fire or CBRN events with the display of the threat propagation within their infrastructure, the contaminated zones, the human impact. This tool can also bring help to the drafting of intervention procedures, particularly with the ability to simulate a crowd.

Digital Trust & Security WG

66

PROJECT DATA Coordinator: THALES COMMUNICATIONS & SECURITY Call: ANR Start date: February 2007 Duration: 27 months Global budget (M2): 1.5 Funding (M2): 0.8

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page67

Common technologies for multi-risk management, resilience, human and societal issues

AUTOPOL

Automized polarization imaging ON GOING PROJECT

Polarimetric imaging consists in illuminating and observing a scene with light having a controlled state of polarization. This type of imager can reveal contrasts that do not appear in images from conventional sensors. In order to fully exploit this technology, one needs to integrate, in the same system, fast and efficient image analysis algorithms together with an agile imaging module capable of generating any polarization state in illumination and analysis. The demonstrator built in the framework of this project will produce polarimetric images at 1.55 µm wavelength thanks to laser illumination. It will integrate various strategies (automatic or semi-supervised) for controlling the parameters of the instrument (polarization states of illumination and analysis) with image segmentation algorithms.

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS The objective is to design an adaptive polarimetric imaging system in which the result of image segmentation controls the parameters of the instrument in order to maximize the contrast of regions of interest. This system will have the capacity to rapidly adapt, in a completely or partially automatic way, to the observed scene and to its evolution. The essential condition is to integrate efficient image segmentation algorithms with an agile imaging system capable to generate any polarization state in emission and analysis.

CONTACT François GOUDAIL INSTITUT D'OPTIQUE +33 (0)1 64 53 31 95 [email protected]

PARTNERS Large companies: THALES RESEARCH AND TECHNOLOGY Research institutes, universities: INSTITUT FRESNEL, INSTITUT D'OPTIQUE, LABORATOIRE CHARLES FABRY

To reach this goal, it will thus be necessary to develop technological innovations in the domains of image processing and imaging system design.

PROJECT DATA

◗ Design of image segmentation algorithms robust to complex fluctuations of active images (clutter, speckle,…) and sufficiently fast.

Coordinator: INSTITUT D'OPTIQUE Call: ASTRID (DGA/ANR)

◗ Design of a laser illumi-

Start date: January 2013

nated active polarimetric imager in 1.55 μm wavelength band.

Duration: 24 months

The main originality – and the difficulty – of the project will consist in the joint design of the imaging system and of the processing algorithms in order to maximize the performance of the global system.

Global budget (M2): 0.6 Funding (M2): 0.2

STATUS - MAIN PROJECT OUTCOMES The project started in January 2013.

Digital Trust & Security WG

67

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page68

Critical Infrastructure protection

Broadcast Encryption for Secure Telecommunications

In this project, we address the problem of securely and efficiently broadcasting digital contents from a service center to a large group of users over an insecure channel in a secure way. Protocols which adress this issue are Broadcast Encryption Scheme. This problem is at the core of Pay-TV systems, on-demand video broadcast (VOD), mobile TV, wireless networks, military radio communications, positioning systems (GPS, Galileo). Our aim is to design new protocols which enables to send information to a dynamic subset of receivers for a minimal cost (in terms of computational time, bandwith, memory). Two prototypes are to be realized to measure the increase of performance induced by the new protocols: • One prototype under Pay-TV constraints. • One prototype under geolocalization constraints.

ON GOING PROJECT

CONTACT Renaud DUBOIS THALES COMMUNICATIONS +33 (0)1 46 13 22 96 [email protected] http://crypto.di.ens.fr

PARTNERS

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS

Large companies: THALES COMMUNICATIONS

The expected benefits arising from BEST are numerous:

Intermediate size enterprises: NAGRA FRANCE

◗ Thwart piracy: deploying the new systems will result in asubstantial cut of financial losses due to piracy.

◗ Solve the low bandwith issue: the transmission rate and traffic key refreshment would grow linearly with the gain provided by replacing the currently implemented solutions with the new broadcast encryption protocols.

◗ Enhances the quality of service and extends the capabilities supported by the service. ◗ Scientific progress: the aim is to extend beyond the state of the art. ◗ Provable security: security proofs constitute a scientific, convincing evidence that a

SMEs: CRYPTOEXPERTS Research institutes, universities: CASCADE (ENS), UNIVERSITE PARIS 8

given security level is realized.

PROJECT DATA Coordinator: THALES COMMUNICATIONS Call: ANR Start date: January 2010 Duration: 48 months Global budget (M2): 3.1 Funding (M2): 0.9

STATUS - MAIN PROJECT OUTCOMES New results in cryptography have been obtained: nine publications on security notions, algorithmic tools and new protocols and four patents have been realized. The new protocols have been developed and integrated into the prototypes, leading to a very efficient bandwith/computation tradeoff broadcast scheme. This gain enables to increase the frequency of key renewal for pay TV, and to increase the number of groups of user for Geolocalisation system (by a factor greater than 100).

Digital Trust & Security WG

68

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page69

Critical Infrastructure protection

BINGO

Technological bricks for Gamma Neutron Imaging

The project aims to develop technological building blocks of neutron detection equipment such as a new photomultiplier, a new Gamma detector based on LaBr3 christal, a compact electronic for acquisition and images computation, a software able to merge video, X-ray and neutron images. The different regulations on nuclear activities are studied at french, european, and north american level in order to design a compliant equipment. The final equipment allows detection of illicit or dangerous materials such as Explosive, Chemical, Radiological and Drugs in an unattended lugage or suspicious package. Portable, it will be used by bomb squad or Police in airports, stations, or in open spaces. The final product will include a neutron generator, a X-rays emitter and gamma and neutron detectors and also a flat panel to mesure X-ray.

COMPLETED PROJECT

CONTACT Karim SOUDANI SODERN +33 (0)1 45 95 71 30 [email protected]

PARTNERS

PROGRESS BEYOND THE STATE OF THE ART

Large companies: PHOTONIS, SODERN

Bingo’s deal was to get out from the laboratory the neutron analysis with associated particle technology, which the ability to detect dangerous materials has already been demonstrated. The benefits for this project were:

SMEs: REFLEX CES

◗ The characterization of unknown gamma detector in neutron environment The development of a new miniaturized electronics board with very good performances allowing a global weight reduction of 16 kg for the equipment;

Research institutes, universities: CNRS-LIMSI, IRSN

◗ The availability of a critical component for this technology (a multi anode photomultiplier) has been increased;

◗ The imaging software with fusion of data has been presented to potential users in order to consider all their operational constraints;

◗ The sanitary study has concluded to a negligible impact regarding nuclear activation of the inspected objet.

PROJECT DATA Coordinator: SODERN Call: ANR Start date: January 2007

MAJOR PROJECT OUTCOMES

Duration: 24 months

◗ Product(s) or Service(s): A new product is born named ULIS for “Unattended Luggage Inspection System”. The promotion of this equipment has just started and the customer interest (bomb squad, police or security officer) is excellent in different location of the world. It is inducing information request, demonstration, trials to assess performance and usability of the machine in real conditions. The first prototype produced during 2009 is presented to the end-users involved in Bingo’s project in order to check different functionality and operational usability. Second equipment will be produced by the end of 2010.

Global budget (M2): 1.4 Funding (M2): 0.7 Related Systematic project(s): MOBISIC, SIC

◗ Patents: Not directly link to Bingo but in relation with ULIS.

◗ Experimentations: A confidential trial based on explosive detection was conducted abroad last year with local administration. The very good results obtain by ULIS open the door of new collaborations, new investments in science and technology to add innovative functions as drug detection in collaboration with coast guards and customs or sensor integration on Robot. Four demonstrations were organized in France and abroad.

◗ Business creation: Sale network and distribution are studied, EADS-SODERN has a lot of choice and will take time to select partners. Other information regarding business are sensitive and cannot be delivered.

Digital Trust & Security WG

69

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page70

Critical Infrastructure protection

BMOS

Biometric Matching On Smartcard ON GOING PROJECT

Biometric authentication systems are based on comparison of a stored biometric template with a fresh one. To increase the security of the authentication and the protection of personal data, the Match-On-Card (MOC) paradigm has been introduced. This consists on executing the comparison directly within a smartcard. In BMOS project, we focus on a dedicated coprocessor, by designing a hardware implementation enabling a fast and efficient matching, with good biometric performance, while offering the protection of personal biometric data thanks to a matching operation with integrated countermeasures against side channel attacks.

CONTACT

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS

PARTNERS

BMOS project can be overviewed through three big steps:

◗ Analysing and designing a hardware architecture enabling the acceleration of a fingerprint matching with a low level of complexity and great biometric performances;

◗ Securing the implementation to achieve a high level of protection of personal data; ◗ Validating the effective security by internal evaluation. With their respective expertise in, biometrics, smartcard software security, embedded software security, electronic circuits countermeasures, the partners will contribute to handle the following technical and scientific problems: vulnerabilities evaluation of MOC against side channel and fault injection attacks; scientific research of needed countermeasures; design and implementation of an architecture with low complexity fitting to smartcard constraints while offering high biometric performances and low execution time. Security of hardware implementations is today mainly focused on cryptographic operations and only a few on biometric ones. Therefore, beneficial effects of BMOS project could be on a scientific side as on an economic side. The goal is to create a technological breakthrough that could be exploited in a short term: a MOC technology, which would be efficient and ensuring protection of personal data.

Large companies: MORPHO SMEs: SECURE-IC Research institutes, universities: This project is partially conducted within identity & security alliance (the morpho and telecom paristech research center)

TELECOM PARISTECH

PROJECT DATA Coordinator: MORPHO Co-label: IMAGES & RÉSEAUX Call: ANR ARPEGE 2010

STATUS - MAIN PROJECT OUTCOMES Main outcomes achieved during Y1 and Y2 are:

◗ Description of an algorithm for accurate fingerprint comparison that is interoperable with existing systems and adapted to an hardware implementation;

◗ FPGA prototype ensuring good performances (biometric errors close to state of the art and execution time below 0,5s), with a theoretical and practical security analysis; Partners are currently working mainly on the following remaining points:

◗ FPGA prototype ensuring in addition the security during the execution; ◗ Validation of the effectiveness of the security and the personal data protection by internal evaluations.

Digital Trust & Security WG

70

Julien BRINGER MORPHO +33 (0)1 58 11 38 96 [email protected]

Start date: November 2010 Duration: 36 months Global budget (M2): 1.5 Funding (M2): 0.6

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page71

Trust and security in large transactional systems - Cybersecurity and fraud prevention

CEEC

Certification d’Environnements d’Exécution de Confiance

CEEC is developing a new software development methodology that will accelerate the certification of software products that require very high levels of security. During this project, the partners intend to create a new software development environment, based on Prove & Run’s innovative technology, which will include a fully proven generation and compilation toolchain. By integrating security concerns within the development process of critical systems, this environment will enable the development of quality software with guaranteed security properties and will reduce the cost of high-level evaluations and certifications, such as the ones following the Common Criteria methodology.

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS The goal of this project is to enable the following workflow and to validate that it does reduces the Time-To-Market of sensitive software components:

◗ The conception language designed by Prove & Run enables developers to specify the actual behavior of a program but also the security properties it must respect.

ON GOING PROJECT

CONTACT David GARNIER PROVE & RUN +33 (0)1 75 77 55 55 [email protected]

PARTNERS SMEs: ESTEREL TECHNOLOGIES, PROVE & RUN, TRUSTED LABS Research institutes, universities: INRIA

◗ The development environment designed by Prove & Run can formally verify such a program and translate it into C source code.

◗ Thanks to CompCert, a formally-verified C compiler that will be upgraded to target ARM platforms, this source code is compiled into a trustworthy executable binary.

◗ Connections between the Prove & Run IDE and the SCADE environment allows the security concerns of the avionics domain to be taken into account at the model level

◗ At every step of this transformation process, this toolchain generates the evidences required by the Common Criteria methodology for high levels evaluation.

PROJECT DATA Coordinator: PROVE & RUN Call: BGLE Start date: February 2012 Duration: 36 months Global budget (M2): 3.3 Funding (M2): 1.4

STATUS - MAIN PROJECT OUTCOMES In order to demonstrate its flexibility, the toolchain supporting this new methodology will be applied to two representative examples drawn from the following environments:

◗ Trusted execution environments for smartphones; ◗ Commercial avionics. The results of this project will be disseminated through conferences and other means of communication.

Digital Trust & Security WG

71

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page72

Critical Infrastructure protection

COherent quantum Cascade laser Array for high SEnsitivity gas detection

This project aims at improving the detection sensitivity of explosives and their precursors using photoacoustic spectroscopy (PAS). To this end, we propose to develop a new and innovative approach for increasing the power of quantum cascade lasers (QCL) based on the realisation of coherent QCL micro-stripe arrays. Such QCL arrays will be used as gain medium inside an external cavity (EC) taking into account the specificity of the source to produce a widely tuneable Mid Infra-Red (MIR) source (ECQCL) for PAS system. Increasing the QCL source power is also of critical importance for other strategic defense applications, according to the DGA POS, including remotesensing of explosives or Chemical Warfare Agents (CWA) and Directional InfraRed Countermeasure (DIRCM).

ON GOING PROJECT

CONTACT Mathieu CARRAS III-V LAB +33 (0)1 69 41 57 57 [email protected]

PARTNERS

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS

SMEs: III-V LAB

The main objectives to be achieved by the COCASE project are:

Research institutes, universities: GSMA

◗ Design and fabrication of coherent QCL micro-stripe arrays with output power above 1W (WPE of 10%) for a wavelength selected around 8 µm for the purpose of high-sensitivity detection of acetone;

◗ Design and fabrication of a compact external cavity to extend the usable wavelength range to 200 cm1;

◗ Implementation of the QCL array and the EC in a compact easy-to use-PAS set-up; ◗ Demonstration of a detection limit of acetone = 3 ppb using the improved PAS system. Beyond these specific objectives, several spin offs are expected for both civil (multi gas sensing, complex molecule detection,…) and military (remote sensing of explosives and CWA, DIRCM…) applications. To achieve the COCASE objectives, technical works have to be performed in three areas: high-power QCL µ-stripe array, compact External Cavity and photo-acoustic spectroscopy assessment.

PROJECT DATA Coordinator: III-V LAB Call: ANR Start date: January 2012 Duration: 36 months Global budget (M2): 1.2 Funding (M2): 0.3

STATUS - MAIN PROJECT OUTCOMES ◗ Innovation n°1: a high power coherent QCL μ-stripe array. ◗ Innovation n°2: a compact high power EC-QCL: The second innovation of the project is the realization of an external cavity based on a coherent quantum cascade laser array used as a gain medium.

Digital Trust & Security WG

72

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page73

Critical Infrastructure protection

COP DRONE

Coordination et commande d'une plate-forme de drones

These last years, miniUAVs arouse great interest for many applications, especially in the field of civil security, major advances have been made. However, there are still areas for improvement. This is the objective of COP-DRONE, for wider dissemination of such a system.

◗ Users are not experts in robotics, the ideal tool would be a "mobile sensor" in which orders are given in a high-level of abstraction. Several levels of intuitive controls are possible, from the simple tele-operated mode to an autonomous navigation mode.

COMPLETED PROJECT

CONTACT Patrick RAYNAL PY AUTOMATION +33 (0)1 47 86 28 67 [email protected]

◗ The flight duration of a miniUAV is short and inconsistent with the requirments of missions that could be entrusted. Two technologies are studied in the project COP-DRONE: fixed wings UAVs and rotary wings (helicopter and quadri-rotors) UAVs.

PROGRESS BEYOND THE STATE OF THE ART The technical objective of the project is to improve the autonomy of the miniUAV in terms of navigation and localization and to provide the user with high level commands to operate the flying robot. Dedicated monitoring sensors, including Global Positioning System (GPS) camera with large field of view (fisheye), inertial sensors (accelerometers, gyrometers, magnetometers), and barometer are embedded in the flying robot and related information is fused at several stages to produce a robust localization. This redundancy will help the system in case of momentary degradation or loss of information (GPS signal reflection near buildings, poor vision context) from one of the sensors. All this sensory information is processed incrementally when the UAV is flying and it allows managing online a sensory memory map of the environment. The localization of the drone is performed within this sensory map and adequate motion is generated according to high level commands requested by the user: automatic stabilization over a target, position or speed control, autonomous navigation over previously explored area.

PARTNERS SMEs: HYPERPANEL LAB, PY AUTOMATION, Research institutes, universities: CEA LIST

PROJECT DATA Coordinator: PY AUTOMATION Call: FEDER1 Start date: September 2010

MAJOR PROJECT OUTCOMES

Duration: 24 months

The integration of research results will help to remove the bolts which are already limiting the use of minidrones in civil applications such as civil security, environmental surveillance, architecture, tourism...

Global budget (M2): 1.2 Funding (M2): 0.5

Digital Trust & Security WG

73

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page74

Critical Infrastructure protection

Détection et Gestion d'Incidents dans une voiture ferroviaire

The objective of this project is to improve both passenger's safety and comfort in public transports by detecting events such as physical aggressions and vandalism. This project consists in developing a pre-industrial prototype of a smart multimodal sensor combining various sensing technologies like video cameras, audio detectors and associated threat detection algorithms. A computational capacity will be embedded in the integrated sensor in order to run these algorithms and merge their results. It will enable to analyze in real-time both the internal and external environments of the coach, allowing to detect passengers and trigger an alarm in case of the detection of an event (vandalism, physical aggression...).

CONTACT

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS

PARTNERS

◗ Use of photorealistic synthetic data to address the lack of actual data needed for algorithms development and performance evaluation of the solution.

◗ Use of innovative image processing algorithms in order to detect and recognize situations of physical aggressions with an optimized false alarm rate.

◗ Use of an integrated multimodal system composed of various modules (audio & video sensors, data processing, data fusion, communications, …) in order to improve performances compared to state-of-the-art distributed systems.

Stéphanie JOUDRIER THALES +33 (0)1 69 41 59 98 [email protected]

Large companies: MARTEC-EOLANE, MORPHO, THALES SMEs: ARKAMYS, ERTE, INPIXAL, MAC GUFF Research institutes, universities: CEA LIST, IFSTTAR

◗ Porting of algorithms on a

PROJECT DATA

constrained architecture (computing power, memory space, heating,…).

Coordinator: THALES

◗ Development of a solution in

Call: FUI11

which electronic devices withstand environmental constraints inherent in rail transport (vibrations, temperature, electromagnetic compatibility, noise, variable luminosity, …).

Start date: November 2011 Duration: 36 months

STATUS - MAIN PROJECT OUTCOMES ◗ The main outcome of this project is an integrated pre-industrial sensor embedding various technical sensors (audio, video, …) and event detection algorithms.

◗ A second outcome of this project is an industrialization plan allowing a fast industrialization of the DéGIV system.

Digital Trust & Security WG

74

ON GOING PROJECT

Global budget (M2): 5.2 Funding (M2): 1.8 Related Systematic project(s): QUASPER

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page75

Critical Infrastructure protection

DESCARTES COMPLETED PROJECT

The DESCARTES project results in an operational prototype of an Emergency Management Information System including a Command and Control platform with an embedded GIS and a suite of tools for decision making. The unique achievements of the DESCARTES system stem from its concept: • based on a standard decision making process, it addresses all the emergency management actors: rescue units, police forces, health services, critical infrastructure or transport operators… • it covers the whole crisis management cycle: the preparation phase (planning and training), the live crisis response and the restoration phase with post-crisis analysis and planning improvement, • organized in secured nodes, it links the command levels from strategic to tactical and the services’command posts providing full interoperability and digitizing the crisis space.

PROGRESS BEYOND THE STATE OF THE ART DESCARTES is the only system with the potential to provide:

CONTACT Guy PANAGET THALES SERVICES +33 (0)1 69 41 56 28 [email protected]

PARTNERS Large companies: THALES COMMUNICATIONS AND SECURITY, THALES RESEARCH & TECHNOLOGY, THALES SERVICES SMEs: GEO212, GEOCONCEPT, MASA GROUP

◗ integrated functional domains covering the whole crisis management cycle (planning, training, live crisis response, after action analysis),

Research institutes, universities: CEA DAM, CEA LIST

◗ integrated functions for live crisis management with tools adapted to the users’profile (icons, emergency plans…),

PROJECT DATA

◗ numerous integrated tools for decision making including mission follow-up, optimal use of assets, press release consulting, CBRN plume propagation forecast, vehicle movement simulation, crowd behavior simulation, 3D outdoor and indoor simulation for mission preparation, individual and collective training simulation, etc.

Coordinator: THALES SERVICES Call: FUI5 Start date: September 2008 Duration: 42 months

MAJOR PROJECT OUTCOMES

Global budget (M2): 6.4

◗ Publications: • Aligne F. et Savéant P., “Prise en compte d’un contexte évolutif dans la coordination des opérations de secours”, WISG 2011 (Workshop Interdisciplinaire sur la Sécurité Globale), Troyes, France • Aligne F. and P. Savéant (2011), “Automated planning in evolving context: An Emergency Planning Model with Traffic Prediction and Control”, Future Security 2011, Security Research Conférence, 5-7th of September 2011, Berlin, Germany.

Funding (M2): 2.3 Related Systematic project(s): MOBISIC, SIC

◗ Patents: Going on

◗ Product(s): Operational prototype of a crisis management system

◗ Job creation: 2 ◗ Maintained jobs: 10

Digital Trust & Security WG

75

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page76

Comprehensive risk management, prevention and resilience

Development and Industrial Application of Multi-Domain Security Testing Technologies

EUROPEAN PROJECT

ON GOING PROJECT

◗ DIAMONDS will leverage systematic, model-based testing and monitoring approaches for security testing to enable highly secure systems by early testing and test automation. Advanced model-based security testing methods will allow the early identification of design vulnerabilities and efficient system/test design targeting security aspects.

◗ The DIAMONDS security test methodology will be adaptable to different multidomain security standards, and enable a risk analysis-oriented test generation and risk assessments by evaluation of the test results.

CONTACT Michel BOURDELLES THALES COMMUNICATIONS +33 (0)1 46 13 30 38 michel.bourdelles @fr.thalesgroup.com

◗ DIAMONDS will develop a well-visible European security test methodology of industrial scale, which demonstrates to be successful for security-critical systems in different application domains.

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS ◗ DIAMONDS will introduce four main innovations in the field of security testing methods and technologies. These innovations aim at building a pre-standard for model-based security testing targeting heterogeneous and distributed systems and services and represent the enabling technology necessary for the introduction of formal security testing in industry: • Advanced model-based security testing methods that combine different techniques to obtain improved results applicable to multi-domain security. • Development of autonomous testing techniques based on automatic monitoring techniques to improve resilience of dynamically evolving systems. • Pre-standardization work on multi-domain security test methodologies and test patterns allowing DIAMONDS to offer interoperable security test techniques and tools. • Open source platform for security test tool integration. ◗ Through these innovations we will strengthen the practices of security testing, stimulate a more wide range use of security testing in projects of different domains and help improve the quality, with respect to security, of the systems developed, reducing the security risks and the risk related costs during operation.

Large companies: ERICSSON (FIN), GEMALTO (FR), GIESECKE & DEVRIENT (GER), METSO AUTOMATION (FIN), NORSE SOLUTIONS (NOR), THALES (FR), THALES COMMUNICATIONS, TRUSTEDLABS (FR) SMEs: CODENOMICON (FIN), CONFORMIQ (FIN), CONSULTING (GER), DORNIER FSCOM (FR), ITRUST (LUX), MONTIMAGE (FR), SBA (AUSTRIA), SMARTESTING (FR), TESTING TECHNOLOGIES (GER) Research institutes, universities: FRAUNHOFER FOKUS (GER), GRENOBLE INP (FR), OUSPG (FIN), SINTEF (NOR), TELECOM SUDPARIS (FR), TU GRAZ (AUSTRIA), UL (LUX), UNIVERSITY OULOU (FIN), VTT (FIN)

STATUS - MAIN PROJECT OUTCOMES The results during the first half of the project include: the set-up of 6 industrial domain case studies; the identification, extension and partial implementation of relevant security testing techniques; and, the setup of an initial tool landscape for security testing. These activities are deem necessary to leverage systematic, model-based testing and monitoring approaches for security testing to enable highly secure systems through the definition of a security test methodology adaptable to different multidomain security requirements and standards, that integrate risk analysis-oriented test generation and risk assessments by evaluation of the test results. The dissemination efforts are substantial and include the publishing of book chapters, scientific papers, presentations, journal papers and whitepapers related to DIAMONDS. The first demonstrators have been shown at the ITEA Symposium where the DIAMONDS project won the ITEA Exhibition Award 2011. Contribution to new ETSI Industrial Specification Group (ISG) on Information Security Indicators (ISI) has been undertaken. Within ETSI MTS (Methods for Testing and Specification), DIAMONDS is focusing on model based security testing and on extending the already existing reports. The french partners (THALES, GEMALTO/Trusted Labs, Montimage, Smartesting, FSCOM, IPG-Grenoble, IT-sudParis) are involved in several of the case studies, with notable results obtained in those related to radio protocols and banking.

Digital Trust & Security WG

76

PARTNERS

PROJECT DATA Coordinator: FRAUNHOFER FOKUS Call: ITEA2 Start date: October 2010 Duration: 30 months Global budget (M2): 13.7 (EU) & 4.4 (FR) Funding (M2): 2 (FR) Related Systematic project(s): ESTER, VERDE

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page77

Trust and security in large transactional systems - Cybersecurity and fraud prevention

Elliptic Curve Leakage-Immune Processing for Secure Embedded Systems

ECLIPSES is meant to address the limitations met in the embedded security industry by providing a breakthrough design of the Elleptic curve processing which support:

◗ Field operations: binary, ternary, etc. and prime fields alike; ◗ (higher-level) operations on the Elliptic curve itself such as point addition, point doubling or alternately point halving, point tripling, etc;

◗ efficient conversions between coordinate systems (projective, cartesian, Jacobian,

ON GOING PROJECT

CONTACT Pascal BRY GEMALTO +33 (0)1 55 01 51 36 pascal.bry @gemalto.com

Edwards, etc);

◗ any type of curve i.e. any choice of curve coefficients; ◗ efficient evaluation of pairings for pairing-friendly curves; while • improving execution time by an order of magnitude when compared to prior implementations based on RSA-dedicated cryptoprocessors; • providing a high-level of resistance against all known side-channel analysis and faultbased attack.

PARTNERS Large companies: GEMALTO SMEs: CRYPTOEXPERTS, INVIA

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS

Research institutes, universities: CEA LETI, UVSQ

◗ One important challenge regarding the project is to drastically improve the ECC processing performance in relationship with the power consumption budget. ECC processing based on modular multiplication accelerator takes time as opposed to the contact-less requirement to perform a full transaction as fast as possible in reduced power consumption. This forbids the use of EC cryptography in contact-less applications today. The target of the project is to overcome limitations by using an EC-dedicated processor supporting the contact-less mode by reducing the execution time and taking into account the high constraints on power consumption.

◗ Elliptic curves became popular well after the appearance of RSA-based algorithms. As both are sharing modular representations, elliptic curves are currently developed on the same RSA hardware basis. ECLIPSES also considers ECC pairings; the breakthrough is to create a dedicated solution which takes advantage of the particularities of the curves (smallest granularity for key size, ...). A significant improvement could be here targeted.

PROJECT DATA Coordinator: GEMALTO Co-label: SCS Call: ANR Start date: December 2009

STATUS - MAIN PROJECT OUTCOMES

Duration: 36 months

After three years, the project is reaching its main objective by implementing the elementary operations for ECC and pairing application based on a dedicated coprocessor accelerator. High level behavior model has been developed allowing verifying the fundamental architecture choices and hardware / software partitioning. HDL model and FPGA board have been delivered for EC software development that will verify the pertinence of the EC accelerator integrated with a 32 CPU core. During the last year of the project, an ASIC, close to a smart card architecture, has been developed that will provide EC and pairing functions for real authentication and ciphering applications. During the last phase of the project, security analysis will be performed on this ASIC.

Global budget (M2): 2.8 Funding (M2): 1.1

Digital Trust & Security WG

77

60-133 Security 2013_Mise en page 1 24/05/13 12:10 Page78

Trust and security in large transactional systems - Cybersecurity and fraud prevention

E-FRAUD BOX

Detection and Investigation of credit card fraud on the Internet

The E-fraud Box project aims at developing an integrated toolbox of data-mining and social networks and business intelligence techniques, dedicated to:

◗ Detection of credit card fraud on Internet • Detect as soon as possible cards used fraudulently on the Internet and alert card owners as soon as possible

◗ Investigation of credit card fraud on Internet • Identify Fraud origins (the place where card owner coordinates have been stolen: database of a merchant, a real fraudulent merchant…) • Identify new fraud behaviours and new modus operandi

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS Solutions to the following problems will be particularly investigated:

◗ Rare events and very unbalanced data: structural and adaptative sampling methods and AUC (Area Under Curve) criteria optimization;

◗ Fraudulent behaviour characterization: Typicality and exception analysis, clustering methods, kernel methods with one class;

◗ Fraud dynamics: concept

ON GOING PROJECT

CONTACT Stéphane LORIN THALES COMMUNICATIONS +33 (0)1 41 30 30 58 [email protected]. com

PARTNERS Large companies: THALES COMMUNICATIONS Intermediate size enterprises: CENTRE TECHNIQUE DE LA GENDARMERIE NATIONALE, DIRECTION GÉNÉRALE DE LA GENDARMERIE NATIONALE, DIRECTION GÉNÉRALE DE LA POLICE NATIONALE, GIE CARTES BANCAIRES CB SMEs: ALTIC, KXEN

drifting and evolutive prediction of behaviour;

Research institutes, universities: LIP6, LIPN

◗ Interaction data: social network mining, collective inference and adversial computing, co-clustering and latent variable graphical models.

PROJECT DATA

STATUS - MAIN PROJECT OUTCOMES ◗ Project launched on the 12th February 2010. ◗ The main results concern: • Detection engine: Fraud detection algorithms developed in the project show interesting performance. An important work is done around social network mining algorithms: • Data are seen as a social network between card owners and merchants where they buy • Social networks algorithms like community detection, navigation paths in the graph, information propagation through the graph are then developed and used • Investigation engine: New fraudulent behaviours have been identified • The same algorithms based on social network mining algorithms are used • GIE Cartes Bancaires CB and French Gendarmerie Nationale have defined scenarios and results will be tested on realistic cases • Architecture: as the data are very huge (hundreds of millions of transactions per year), robust open source architecture based on Big Data have been tested: • NoSQL databases based on Hadoop/Hive/Pig • Column databases like InfiniDB

Digital Trust & Security WG

78

Coordinator: THALES COMMUNICATIONS Co-label: CAP DIGITAL Call: ANR Start date: February 2010 Duration: 36 months Global budget (M2): 3.4 Funding (M2): 1.2

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page79

Social and societal aspects, Social and Human Sciences

ESPRI

Exposition de soi, Privacy et Réseaux d'interaction ON GOING PROJECT

The Project ESPRI analyses problems raised by the collection of personal data and intrusion of privacy at the era of online social networks. The use of the internet as a platform for social interaction does indeed pose new problems. The collection of personal data has become mostly decentralized making the internet an open mine of data on individuals. The behaviors of internet users are ambivalent, seeking protection while being quick in practice to give voluntarily or involuntarily sensitive data. These changes reflect the fact that the Web has evolved into a participative web. What happens to privacy issues and how to regulate them when the transfer of personal data is the product of social interaction on digital platforms whose economy is based on the exploitation of these data?

CONTACT Alain RALLET UNIVERSITE PARIS-SUD 11 +33 (0)1 40 94 18 51 [email protected]

PARTNERS

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS

Large companies: ORANGE LABS

This pluridisciplinary project in law, economics and sociology will be carried out using several methodologies: econometric analysis of data, experiments in the lab and in the field, as well as qualitative interviews. Field experiments will assess whether information found in one’s social network profile are used by recruiters during the hiring process. A Facebook quiz evaluates the specific influence of online friends in the propensity to disclose personal information. Quantitative analysis of suits filed to the French national privacy regulator will allow us to test the hypothesis of the evolution of privacy issues since the 90s. The second aspect concerns the self-exposure on the internet. A better understanding of the transformation of immodesty on online social networks is essential to the current privacy issues. The weakening of the feeling of shame takes several forms, and using qualitative interviews will enable us to analyze the motivations behind the various forms of immodesty on the internet. This study will be extended by an economic analysis of the dilemma between risks and benefits created by online services that includes self-exposure on digital networks, using various methodologies — i.e. quantitative survey of two populations, lab experiments, field experiments and qualitative interviews. A final study will analyze the behavior of individuals against the appropriation of location-based services that pose important problems associated with the traceability of individuals.

Research institutes, universities: CERDI, UNIVERSITE PARISSUD 11

PROJECT DATA Coordinator: UNIVERSITE PARIS-SUD 11 Co-label: CAP DIGITAL Call: ANR Start date: November 2011

STATUS - MAIN PROJECT OUTCOMES

Duration: 24 months

The main outcome of the project is to build several scenarii tailored to the legal issues of privacy on digital networks seeking new points of equilibrium between the evolution of individual behavior, new business models and compliance with general principles. The expected outcome of the project is to help guide the necessary regulation of identified problems. Many options are indeed possible ranging from self-regulation to the need for new legal instruments.

Global budget (M2): 1.3 Funding (M2): 0.4

Digital Trust & Security WG

79

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page80

Trust and security in large transactional systems - Cybersecurity and fraud prevention

Evolution of the security in the telecommunications and network equipments

Some attacks are targeting telecommunications infrastructures in order to take control of network nodes or to take advantage of security breaches of network management protocols. Current protections are mainly based on cryptography and tend to protect exchanged data confidentiality but failed in preventing consequences of a corrupted infrastructure node. The project defined a new way of protecting infrastructures by integrating within nodes an electronic vault or “trusted computing base” providing a new dimension of trust by: ◗ integrating devices with a high security assurance,

COMPLETED PROJECT

CONTACT Bertrand MARQUET ALCATEL-LUCENT +33 (0)1 30 77 26 25 [email protected]

◗ evaluation of the effectiveness of the protection provided by the integrated security solution.

PROGRESS BEYOND THE STATE OF THE ART

Large companies: ALCATEL-LUCENT, TRUSTED LABS, TRUSTED LOGIC

The project led to significant advances including: ◗ Improvements in security features of the OSPF protocol: • Fight against cryptanalysis, • Possibility to use an HMAC, • Protection of secrets. ◗ Security improvements in OSPF based infrastructures: • Generation of forged packets impossible. • Protection of the election of "designed router / backup designed router". • Management of the metric to avoid possible cost modifications. • Secret protection and integrity of the databases ensuring the non-propagation of attacks on infrastructure elements. The results demonstrated on OSPF can be applied to a number of protocols and security features of the telecommunications infrastructure. A study has been provided to illustrate the contribution of the solution on already secured protocols ie S-BGP.

SMEs: OPPIDA Research institutes, universities TELECOM PARISTECH, TELECOM SUDPARIS

PROJECT DATA Coordinator: ALCATEL-LUCENT Call: ANR

MAJOR PROJECT OUTCOMES ◗ Product(s) or Service(s): The smartcards, protecting the control elements and the network management without a significant degradation of the routers performances, provide protection against attacks that intend to use, destroy or falsify critical elements for the infrastructure resilience. They can contain these attacks to the router under attack preserving the resilience of infrastructure. The smartcard introduce a new level above the control plane in which are kept the secrets and the sensitive operations: the trusted plan.

Start date: December 2006 Duration: 36 months Global budget (M2): 2.6 Funding (M2): 1

◗ Patents: 1 patent. ◗ Publications: In addition to the publications in conferences, the project has issued two significant results in terms of standardization: • Proposition of two "IETF drafts", one describing the trust plan, the other a system of TLS key generation. • Certification and publication of a protection profile by the the "French Network and Information Security Agency" respecting the ISO15408 standard. ◗ Experimentations: The results have been fully demonstrated with OSPF and can be applied to a number of protocols and security features of the telecommunications infrastructure. A study has been provided for S-BGP.

Digital Trust & Security WG

80

PARTNERS

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page81

Social and societal aspects, Social and Human Sciences

Federation of Circles of Trust and Secure Usage of Digital Identities

The main purpose of the FC² project is to drive innovation in user-centric identity management through a cross sector vision. This resulted in two major types of objectives: ◗ R&D objectives: • Develop and validate a comprehensive and INTEROPERABLE set of architecture and software components, allowing new SECURE digital online services based on enhanced USER-CENTRIC identity management. ◗ Implementations objectives: • Propose and develop prototype experiments to evaluate the resulting BENEFITS for all players in the ecosystem. • Investigate innovative governance and business models for a new TRUST framework incorporating privacy-enabled Identity Federation and allowing the seamless interconnection of Circles of Trust (CoT).

PROGRESS BEYOND THE STATE OF THE ART The project has delivered an innovative e-identity management infrastructure able to: ◗ guarantee the confidentiality of e-transactions based on federated identity, ◗ support the full dematerialization of electronic services, including digital signature mechanisms, ◗ support advanced authentication mechanisms, including delegation accros Circles of Trust, ◗ allow the end user a complete control of its personal data in a distributed context, ◗ ensure a high-level of protection against all types of Identity frauds, ◗ guarantee a high-level of user friendliness for service access, ◗ ensure minimal operation costs for Service Providers and Operators, ◗ guarantee a technical neutrality versus Identity management standards (Cardspace, Liberty Alliance).

COMPLETED PROJECT

CONTACT Jean-Pierre TUAL GEMALTO +33 (0)1 55 01 61 60 [email protected]

PARTNERS Large companies: AMADEUS, ATOS WORLDLINE, EADS DS, FRANCE TÉLÉCOMORANGE LABS, GEMALTO Intermediate size enterprises: CEV GROUP (CHÈQUE DÉJEUNER) SMEs: CONSTRUCTIVECARD TECHNOLOGIE, DICTAO, ENTR’OUVERT, EPHI FORMATION, ILEX, LEIRIOS, NTX RESEARCH, SMARTESTING, XIRING Prescribers: GIE-CB, MINISTRY OF INNER AFFAIRS

MAJOR PROJECT OUTCOMES ◗ Product(s) or Service(s): The project has delivered advanced e-identity management components enabling new capabilities such as seamless authentication, Interoperability of most popular e-identity management technologies, new user interface based on an Infocard selector, available on PC, Mobile and “in the cloud”. Is has also demonstrated enhanced smart-card support through low-cost pinpad readers, compatible with the identity selector and supporting the most advanced version of the IAS-ECC or EMV standards. Enforced trust and security features have also been introduced through innovative PKI concepts and direct digital signature support. ◗ Services: The project has produced several white papers or guidance documents related to the global e-Identity ecosystem. ◗ Publications: The project has generated over 10 scientific publications and participated to numerous National or European conferences, exhibitions and round tables. ◗ Experimentations: Several use cases have been developede in the project, demonstrating generic, complex service dematerialization scenarios pertaining to the e-government, regional, financial and telecommunication domains. The setting-up of these scenatios has been done in close cooperation with either national Agencies (such as the ANTS), local city-administrations (city of Saint-Lô), external industrial partners (bank and car rental companies), the Ministry of Inner Affairs and the Caisse des Dépôts (“CDC Numérique”). ◗ Business creation: The research and technology concepts as well as the components developed in the project are now on the full exploitation path. Besides inclusion of these concepts or components in the direct product offer from the industrial partners, a large national initiative has been launched with “CDC Numérique” to prepare the deployment of a mutualized e-Identity infrastructure targeting especially local administrations (cities, regional councils). This initative is fully endorsed by the Systematic, SCS and Pôle-Tes competitiveness clusters.

Research institutes, universities: CNAM, ENSI CAEN, TELECOM MANAGEMENT SUD PARIS

PROJECT DATA Coordinator: GEMALTO Co-label: TES Call: FUI3 Start date: July 2007 Duration: 30 months Global budget (M2): 16.6 Funding (M2): 6.2 Related Systematic project(s): PERSOPOLIS

Digital Trust & Security WG

81

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page82

Trust and security in large transactional systems - Cybersecurity and fraud prevention

HAKA

High Accurate Kernel Analyser ON GOING PROJECT

This project aims at creating a Domain Specific Language that allows users to define security policies and that ensures the network analysis from OSI’s second to heighth layers (including web applications). This language will allow editors, service providers, and customers for defining strong security policies while avoiding the burden of complex, time-consuming, and costly developments. Hence, the users of this technology will have a tool allowing fine-grained analysis (malware detection, file type, protocol control etc.) but will not have to manage the usual drawbacks: memory management, high availability protocol and validation thrust. The efficiency of this implementation will allow a multi-GBytes/s analysis. It will eventually be a base for further technological developments of FAST360, one of Arkoon’s products.

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS This project requires:

◗ The development of high-end equipments compatible with network infrastructures

CONTACT Laurent HAUSERMANN ARKOON NETWORK SECURITY +33 (0)4 72 53 71 91 [email protected]

PARTNERS SMEs: ARKOON NETWORK SECURITY, OPEN WIDE Research institutes, universities: TELECOM PARISTECH

(speed, availability...) with a realistic price / performance ratio.

◗ The ability to offer solutions whom performances are independent from the nature of the implemented controls. Current UTM implementations firmly link performances and actual content controls. Therefor, significant modifications of the software architecture will be required in order to externalize the heaviest content processings to virtualized servers.

◗ The evolution of FAST’s application control technology in order to support the “ Web 2.0 ” use cases. FAST will have to analyse protocols in real-time in order to apply the pre-defined policies. Those policies will possibly be assigned to application or users (through authentication).

Coordinator: ARKOON NETWORK SECURITY Call: FSN Start date: February 2012 Duration: 36 months

STATUS - MAIN PROJECT OUTCOMES

Global budget (M2): 2.3

◗ Technologically, HAKA will enable Arkoon to develop a new range of high-perfor-

Funding (M2): 1.2

mance products for protecting datacenters. These protections will notably feature an advanced application control system.

◗ The Open Source focus of the project will allow service providers, such as Open Wide, to leverage their integration expertise with their customers.

◗ Finally, the science community, Telecom ParisTech among them, will be able to use HAKA for their researches on network flow inspection.

Digital Trust & Security WG

82

PROJECT DATA

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page83

Trust and security in large transactional systems – Cybersecurity and fraud prevention

Hardware trOjans: Menaces et robustEsse des ciRcuits intEgrés

HOMERE+

Hardware Trojans (HTs) are malicious modifications of Integrated Circuit (IC). These HTs can be inserted at each step of the IC design flow by very powerful attackers. This insertion is easier nowadays due to the steady increase of outsourcing of semiconductor IC manufacturing. Such HTs can induce payloads like Denial-of-Service or secret information leakage. This can lead to disastrous consequences depending on the concerned application (deaths, ciphered communications which become clear, etc.). HOMERE project has the objective to search for and develop HT detection methods, which will be innovative and non-destructive (using logic test, side-channel analysis and run-time procedures).

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS HOMERE project will investigate 3 lines of defense.

◗ The first one concerns the circuit design itself, in which preventive methods (making the HT insertion more difficult or benign) and assistive methods (helping the 2 other lines of defense) will be studied.

◗ The second line of defense concerns the test-time procedure, before deployment of the tested circuit in applications. We will try to find detection methods by side-channel analysis (power consumption, electromagnetic radiation, etc.), extraction of internal delays and logic test.

ON GOING PROJECT

CONTACT Julien FRANCQ CASSIDIAN CYBERSECURITY +33 (0)1 61 38 71 39 [email protected]

PARTNERS Large companies: CASSIDIAN CYBERSECURITY, GEMALTO SMEs: SECURE-IC Research institutes, universities: ANSSI, ARMINES, CEA-LETI, LIRMM, TELECOM PARISTECH

◗ The last line of defense concerns the run-time procedure, which means that our circuits must be able to detect HTs during functioning.

STATUS - MAIN PROJECT OUTCOMES The project has started in October 2012. We are going to make a complete study of the state-of-the-art HT detection methods. We are going also to make a complete taxonomy of the HTs, and study realistic scenario of HT insertion. We are implementing HTs in some benchmark circuits, which will help us to calibrate our detection methods.

PROJECT DATA Coordinator: CASSIDIAN CYBERSECURITY Co-label: SCS Call: FUI14 Start date: October 2012 Duration: 36 months Global budget (M2): 6.7 Funding (M2): 2.2

Digital Trust & Security WG

83

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page84

Critical Infrastructure protection

KIVAOU

KIVAOU - Analyse de séquences vidéo COMPLETED PROJECT

The KIVAOU project aims at developing innovative tools dedicated to two main goals:

◗ Mobile facial identification and biometric indexation tool (suitcase), with real-time video analysis

◗ Platform for offline multiple video analysis of an event. These video are recorded during a particular event, and then collected for investigation purpose. After synchronisation between different sources, an analysis is performed in order to extract individual signatures, and to compute person's trajectories. The goal is to enable or to facilitate an offline analysis, for investigation purpose. The KIVAOU project proposes innovative approaches based on the combination of components already mastered by each partner: biometrics, image analysis, video analysis, tracking, synchronization, users GUI needs, etc. It includes a test phase with end-users.

PROGRESS BEYOND THE STATE OF THE ART ◗ Face recognition and face tracking • Improvement of the face quality by using surresolution. • Selection of the best in term of quality, orientation and precision of series of images

◗ Pedestrian tracking • Segmentation in region of interest, extraction of moving edges with morphological space-time gradient or background difference. • Classification of the forms in classes: pedestrians, groups. • Algorithm for components separation of the groups. • Definition of signature based on the keypoints stored in KD-Tree for the multi camera re-identification.

CONTACT Samuel VINSON SAGEM SECURITE +33 (0)1 58 11 34 71 [email protected]

PARTNERS Large companies: SAGEM SECURITE SMEs: EVITECH, FACING-IT Research institutes, universities: ARMINES, INSTITUT TELECOM Institutions: CTSI

PROJECT DATA Coordinator: SAGEM SECURITE Call: ANR Start date: February 2008 Duration: 29 months Global budget (M2): 1.7 Funding (M2): 1.1

MAJOR PROJECT OUTCOMES ◗ Publications: 11 ◗ Experimentations: 2

Digital Trust & Security WG

84

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page85

Critical Infrastructure protection

Localisation en Environnement Adverse ON GOING PROJECT

◗ The LEA project will benefit from TOCHA's inroads while specifically targeting to give a new and innovative advantage to law enforcement and security forces. It will also operate in desert or maritime areas with scatered or no ground communication coverage. The consortium gathers the best specialists in electronics, software, antennas, and software platforms. Its steering committee will include a panel of typical uses of such new generation beacon. Tracking of vehicles, objects, and people can prevent and protect against various risks and threats.

CONTACT Antoine GUENIN PHOTOSPACE +33 (0)9 51 31 06 80 [email protected]

◗ The TOCHA project, started early 2008, will have demonstrated the feasibility of longtime, continuous tracking in multiple conditions, facing adverse physical constraints. But it was not conceived to face adverse scrambling, which has become a constantly growing fact, and now needs improvements.

PARTNERS

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS

SMEs: DEVERYWARE, PHOTOSPACE, SYSNAV

◗ The main technological innovations lie in the capabilities to use several technologies

Research institutes, universities: ITER

to locate the beacons. The first one, called magneto-inertial location, is based on inertial navigation techniques which sensors are composed of gyroscopes and accelerometers. The new MEMS (Micro Electro Mechanical System) offer the opportunities to create miniature inertial sensors at a very low cost. Those small devices open perspectives for a wide range of applications including drone piloting and car driving.

◗ An another technology studied to locate beacons is the triangulation of RF signals emitted from FM base stations. This way, the beacons could be targeted in a range of several kilometers. Adding an inertial platform and a magnetometer would furthermore bring new information like trajectories directed towards the magnetic North.

◗ Finally, the use of the WIFI lan would allow the analyse by servers of routers and WIFI spot MAC addresses to target beacons with a good precision in an urban environment.

PROJECT DATA Coordinator: PHOTOSPACE Call: ANR Start date: December 2009 Duration: 31 months Global budget (M2): 1.6 Funding (M2): 0.7 Related Systematic project(s): TOCHA

Digital Trust & Security WG

85

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page86

Critical Infrastructure protection

LOCINDOOR

LOCalisation and personal navigation system in INDOOR environment

In rescue operations, it is essential for Commanders to track the location of the first responders engaged inside a building; but nowadays no indoor positioning solution exists for non pre-equipped infrastructures. The objective of LOCINDOOR was to develop an indoor localisation and navigation system that would provide real-time location positioning inside buildings, with personal navigation feature and holder location tracking facilities. LOCINDOOR as personal indoor navigation system offers a positioning and guidance solution inside buildings, Where and When GPS is not reliable. Without preinstalled infrastructure, based on motion sensors worn on body and a 3D numeric building cartography, the system is totally autonomous.

COMPLETED PROJECT

CONTACT Hervé MOKRANI CASSIDIAN +33 (0)1 61 38 84 95 [email protected]

PARTNERS

PROGRESS BEYOND THE STATE OF THE ART

Large companies: CASSIDIAN

The project has delivered an innovative indoor positioning solution able to:

Intermediate size enterprises: EOLANE

◗ Measure human motion from a 9axis motion tracking device or an array of distributed magnetometers

◗ Estimate real time user location with innovative algorithms and map matching ◗ Offer intuitive touch-screen user interface with 2.5D building mapping display and advanced indoor navigation routing to join the destination

SMEs: MOVEA, ROBOSOFT-PGES Research institutes, universities: ARMINES, CEA LIST

◗ Upload building cartography using various technologies, some contactless but other operating without power supply

◗ Transfer location data through a secured tactical radio communication system

PROJECT DATA

◗ Monitor engaged resources lo-

Coordinator: CASSIDIAN

cation on a 2.5D building map display

Call: FUI5

◗ Broadcast indoor real time video streaming

Start date: June 2008

MAJOR PROJECT OUTCOMES

Duration: 40 months

◗ Publications:

Global budget (M2): 6.3

• "On-the-field calibration of an array of sensors" E. Dorveaux, D. Vissière, et N. Petit. • "Combining Inertial Measurements and Distributed Magnetometry for Motion Estimation" E. Dorveaux, T. Boudot, M. Hillion and N. Petit. • "Harmonization of a multi-sensor navigation system" E. Dorveaux and N. Petit. • "An improved shoe-mounted inertial navigation system" N. Castaneda, S. Lamy-Perbal. • "An Improved Pedestrian Inertial Navigation System for Indoor Environments" Sylvie Lamy-Perbal, Mehdi Boukallel. • "Magneto-Inertial Navigation Principles and application to an indoor pedometer" E. Dorveaux - PHD Thesis.

◗ Patents: "Dispositif d’aide à la navigation, notamment à l’intérieur de bâtiments" (n°1054294).

◗ Technology dissemination: Indoor pedestrian navigation demonstration in Las Vegas Consumer Electronics Show 2013.

◗ Job creation: 1 ◗ Maintained jobs: 5

Digital Trust & Security WG

86

Funding (M2): 2.6

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page87

Digital Trust for citizens

Lightweight privacy-enhancing cryptography for mobile contactless services

The next generation of mobile and smartphones will integrate NFC (Near Field Communication) chips. With the fast emergence of this contactless technology, mobile phones will soon be able to play the role of e-tickets, credit cards, transit pass, loyalty cards, access control badges, e-cash wallets, etc. The main goal of LYRICS is to enable end users to securely access and operate these contactless services in a privacy-preserving manner that is, without having to disclose their identity or any other unnecessary information related to personal data. More specifically, we intend to design new innovative solutions that achieve the fundamental privacy principles such as data minimization, which states that only the information that is strictly necessary to complete a particular transaction should be disclosed (and nothing more).

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS Cryptography-based technologies exist that partially respond to these privacy requirements in some contexts. Yet none of these has been specifically designed for contactless transactions, where being offline, ensuring very low latency and being limited to constrained resources are major issues. LYRICS intends to overcome these deadlocks by:

◗ Providing an open, general-purpose architecture for privacy-preserving contactless services;

◗ Inventing and specifying lightweight cryptographic mechanisms that can be used to protect users’ privacy in the context of contactless mobile services;

ON GOING PROJECT

CONTACT Jacques TRAORE ORANGE LABS +33 (0)2 31 75 93 81 [email protected]

PARTNERS Large companies: ATOS WORLDLINE, MICROSOFT, NEC CORPORATION, OBERTHUR TECHNOLOGIES, ORANGE LABS Research institutes, universities: ENSI DE BOURGES, ENSICAEN, IRISA / UNIVERSITE DE RENNES 1, MODYCO / UNIVERSITE PARIS OUEST NANTERRE LA DEFENSE

◗ Securely implementing these cryptographic tools on selected NFC-enabled mobile phones;

◗ Developing and experimenting a pilot implementation of a privacy-preserving contactless mobile service (e.g. an m-ticketing application).

◗ These objectives will be achieved in the context of the social appropriation of technological innovations and services.

PROJECT DATA Coordinator: ORANGE LABS Co-label: SCS, TES Call: ANR Start date: February 2012 Duration: 36 months Global budget (M2): 2.4 Funding (M2): 0.9

STATUS - MAIN PROJECT OUTCOMES We expect to specify a high-level applicative architecture for privacy-preserving contactless mobile services which could serve as a basis for standardization and future market offerings in this area. The innovations expected from the project are the emergence of lightweight cryptographic primitives associated with relevant mechanisms and protocols for the controlled disclosure of personal information in the context of contactless mobile services.

Digital Trust & Security WG

87

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page88

Critical Infrastructure protection

MANIF

New aerial devices for identification in the crowd COMPLETED PROJECT

The goal of MANIF project is to study the interest of air devices (like for example UAV) in the context of crowd conflict. This function "height view" is investigated as far as all the information can be coordinated and the systems are compatible. The air platforms must be defined with on board sensors, communication networks, and command tools in accordance to operating needs in global security. The project is divided into three phases:

CONTACT Amandine VERDIER BERTIN TECHNOLOGIES +33 (0)1 39 30 61 74 [email protected]

◗ a phase of analysis of the need, the definition of the specifications and the choice of a scenario (9 months);

◗ a research phase study and development defining the architecture system (10 months);

◗ a phase of realization of a simulation for demonstration of the interest of the function “height view” (7 months).

Intermediate size enterprises: BERTIN TECHNOLOGIES, MARTEC

PROJECT RESULTS

SMEs: COGISYS, PY AUTOMATION, SOFEMA

◗ Technologies: • This project deals with the improvement of aerial vehicles used during the operations of maintenance of law and order in the context of crowd conflict by combining analysis and simulation. It has for objective to define a concept of use and the systems recommended for the implementation of a real-time surveillance, in direct connection with the authorities. • The main crowd movements can be classified in 3 groups: dynamic events (movement of protest like march or entertainment event like musical event), static events (for example sporting event in a stadium; politic events like G8) and urban violences (spontaneaous movement in variable areas). The reserved scenario is the one urban violence representing the most complex case to be mastered (impossible anticipation, progress mainly by night, localization unpredictable). • The main specifications of need directed the choice of the air platform to a mini drone or MAV Micro Aerial Vehicle (simple, intuitive operation requiring minimal operator training, deployment and stowing operations accomplished rapidly, less expensive than a helicopter, capable of doing day and night observation in urban areas, real-time video system for real-time surveillance) with the possibilities of transmissions represented on the illustration. • Two complementary devices in terms of observation have been proposed: one developed by Py Automation (Fixed Wing, high altitud, speed and endurance) and another by Bertin Technologies (Vertical takeoff and landing enables “hover and stare” mission profile but with lower endurance compared to Py Automation device).

◗ Experimentations: • The developed simulator demonstrates the interest of the”vision of the sky” for a better and faster coordination of the operations to the ground of maintenance of law and order. • Besides, this simulator could, after evolution and individual adaptation, become an innovative tool, particularly well adapted for applications in the field of the training to the use of drones within the framework of missions of surveillance / control of the violence, in France and abroad.

Digital Trust & Security WG

88

PARTNERS

Research institutes, universities: TELECOM BRETAGNE

PROJECT DATA Coordinator: BERTIN TECHNOLOGIES Call: ANR Start date: February 2007 Duration: 27 months Global budget (M2): 1.2 Funding (M2): 0.8

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page89

Critical Infrastructure protection

MA-NRBC

Moniteur d'alerte MA-NRBC (CBRN Alert Monitor)

◗ MA-NRBC project aims to develop an alarm integrating CBRN risks (Chemical, Biological, Radiological, Nuclear) such as “dirty Bomb” or any biological or chemical attack of terrorist origin. This system contributes in securing the critical infrastructures (ministry, parliament), public places (airport, station, subway, stadium, etc.) or headquarters of sensitive organisations (UNO, EU parliament, etc.).

◗ It consists in putting into network operation and exploitation of sensors being deve-

COMPLETED PROJECT

CONTACT Jean-François MOREAU SAPHYMO +33 (0)1 69 53 73 13 [email protected]

loped and supplied by different partners of common project (Saphymo, CEA, BERTIN and PROENGIN). It also allows to take samples which could be necessary to eliminate any doubt in case of alarm activating.

◗ The sensors have a common communication interface which allows an easy opera-

PARTNERS

tion thru the supervision software.

PROGRESS BEYOND THE STATE OF THE ART MA-NRBC project consists of finalising a demonstrator which has the following advantages:

◗ The Saphymo/CEA common development has shown that it was possible to detect and discriminate gamma and neutron radiation thru use of basic plastic scintillator, which is normally used for gamma detection only.

Intermediate size enterprises: BERTIN TECHNOLOGIES SMEs: PROENGIN, SAPHYMO Research institutes, universities: CEA

◗ Bertin has adapted the existing technology Coriolis® dedicated from biologic to chemical samplings.

◗ ProEngin has shown the feasibility of the biological and chemical detections in one sensor only with a maintenance reduced for biological detection.

PROJECT DATA Coordinator: SAPHYMO

MAJOR PROJECT OUTCOMES

Call: FUI4

◗ Product(s) or Service(s):

Start date: December 2007

• The equipment developed within MA-NRBC project allows to cover all risks (Chemical, Biological, Radiological, Nuclear). It enables all partners to propose to their customers a global offer, which represents a highly advantageous integrated solution with unique supervision and always remaining adjustable. • The different elements of the system can be proposed separately. For example, the biological and chemical sensor associated to a radiametric probe represents a compact solution which allows to cover the R, B, C risks and may be reinforced for problem resolution by biological and chemical collectors. • The MA-NRBC project allows Saphymo to present a product range to respond to all NR risks in the frame of “global security”. • The current technology to detect the fissible materials is based on Helium 3 detectors. There is currently a shortage of Helium 3. Gamma/Neutron plastic scintillation detector represents a promising alternative solution especially for Saphymo. • The alpha, beta, gamma aerosol monitor will be an additional element to be proposed as an option. In fact, in case of attack (or serious nuclear accident), the environment will be the first exposition way for people. That is why the analysis of aerosols (solid particles in suspension in the air) has to be reinforced. Moreover, the risks covering will be reinforced by use of GammaTRACER monitors with data transmission by radio and supervised by PC in order to control the ambient radioactivity.

Duration: 24 months Global budget (M2): 3.8 Funding (M2): 1.4

◗ Patents: The CEA has developed two algorithms that have resulted in two patents. The first is about the method for neutron/gamma discrimination on the solid organic scintillators. The second one is about the stabilisation of photomultipliers' saving. The last is important for the quality of measurements.

Digital Trust & Security WG

89

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page90

Trust and security in large transactional systems - Cybersecurity and fraud prevention

MARSHAL+

Mecanisms Against Reverse-engineering for Secure Hardware and Algorithms.

MARSHAL+ focuses on the conception of effective, reliable means to guarantee the secrecy of sensitive software running in embedded environments. This relates to several categories of scientific expertise, ranging from hardware design and countermeasures to low-level de-compilation and software obfuscation techniques. MARSHAL+ intends to collect a number of good practices among experts in these fields and to rely on their industrial know-how and/or research capabilities to come up with a clear understanding of what can be done to thwart reverse-engineering and make secure systems more resistant against this threat.

CONTACT

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS

PARTNERS

ON GOING PROJECT

Axel TILLEQUIN EADS +33 (0)1 46 97 34 08 [email protected]

Large companies: CRYPTOEXPERTS, EADS, INSIDE

◗ determine whether protecting sensitive software is possible in practice by exhausting, understanding and modeling hardware and software attacks;

Intermediate size enterprises: INVIA

◗ identify and develop innovative

SMEs: CRYPTOEXPERTS, SECURE-IC,TRANEF

obfuscating approaches to effectively thwart or substantially limit reverse-engineering of software IP by relying on new assembly code transformations;

Research institutes, universities: IRPI, LABRI, TELECOM PARISTECH, UVSQ, XLIM

◗ aggregate those under the form of an experimental secure device embedding sensitive cryptographic software (thus implying the development of a highly secure hardware and software platform) and submit this secure platform to public scrutiny.

PROJECT DATA Coordinator: EADS

STATUS - MAIN PROJECT OUTCOMES A prototype of secure device implementing new techniques against reverseengineering. In a typical use case, the device would perform access control to dedicated data by relying on cryptographic facilities and would involve a proprietary decompression algorithm. This prototype shall resist attacks targeting the recovery of cryptographic keys (SCARE/FIRE), and attacks targeting the intellectual property of proprietary software.

Co-label: SCS Call: FUI12 Start date: January 2012 Duration: 24 months Global budget (M2): 3.1 Funding (M2): 1.3 Related Systematic project(s): BINCOA, SECURED ALGORITHM

Digital Trust & Security WG

90

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page91

Critical Infrastructure protection

Méthodologie d’évaluation des algorithmes d’exploitation des enregistrements de la vidéoprotection

◗ Video protection systems include video recorders dedicated to forensic, and formal proof constitution. Time spent by operators to retrieve specific video data in such large volumes can be very long. This research time is critical, with a direct impact on safety and security of citizens.

◗ The objective of METHODEO is to define methodologies to characterize various video analysis algorithms performing the same functionality from a set of descriptive parameters of observed scenes. Those parameters will be adaptable to various scenes, and will describe both the content and the context of the scene.

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS ◗ Specification of video for testing in terms of content and conditions vs. a difficulty level mark.

◗ Ability to measure the genericity of video sequences (same behavior of an algorithm on two sequences having the same description).

◗ Recommandations on the annotation process regarding the format and the influence of a semi-annotation process on performance evaluation.

ON GOING PROJECT

CONTACT Jean-François GOUDOU THALES +33 (0)1 69 41 59 96 jean-francois.goudou @thalesgroup.com

PARTNERS Large companies: THALES SMEs: KEENEO Research institutes, universities: CEA, IRIT, SUPELEC, TELECOM SUDPARIS

PROJECT DATA Coordinator: THALES Call: ANR

STATUS - MAIN PROJECT OUTCOMES Project is ongoing. Needs are focused on very high level semantics and very precise details: be able to characterize a person compared to another in video surveillance footages. Video evaluations are mostly done on a few videos with few description, thus difficult to generalize. Video annotation is still a huge, very expensive and error-prone topic. This project is now focussing on providing extended video descriptions and annotations in terms of scenarios, video semantics, video quality, content and environment, independently from the algorithms to be tested. Kick off meeting april 2011.

Start date: April 2011 Duration: 24 months Global budget (M2): 2.8 Funding (M2): 1 Related Systematic project(s): QUASPER

Digital Trust & Security WG

91

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page92

Digital Trust for Citizens

MOBILAO - Digital Signature in Mobile Environments - by Dictao

In a context of increasing user-oriented mobile applications and rising paperless technologies, digital signature becomes the keystone of the trusted ecosystem in the individual exchanges and the heart of the challenges for a modern society. The objective of the MOBILAO project is to:

◗ Develop an architecture, a trusted secure platform and an "electronic signature book"

CONTACT Christian KUHN DICTAO +33 (0)1 73 00 26 94 [email protected]

application enabling new services based on digital signature over a smartphone,

◗ Implement this application in demonstrators targeting eGovernment services, B2B services and C2C services.

PARTNERS

PROGRESS BEYOND THE STATE OF THE ART

SMEs: DICTAO

We managed to reach the target we set in 2009:

◗ Build on existing but isolated technologies in order to achieve a universal platform, open, but at the highest level of security that may be certified by official bodies. Concretely this means:

◗ Validate new security concepts (dispersed secrets, mobile containers…) and human interface technologies and get the feedback of our today clients.

◗ Interface the Dictao Electronic Signature Book with the other trusted functions such as: • Strong authentication means (such as OATH) and Access Control Server (such as Dictao DACS product); • Electronic Vault giving legal-binding value to archived document (contracts for example) signed on an mobile device.

PROJECT DATA Coordinator: DICTAO Call: WEB2.0 Start date: January 2010 Duration: 15 months

MAJOR PROJECT OUTCOMES

Global budget (M2): 0.8

◗ Patents:

Funding (M2): 0.3

1 Patent is in progress.

◗ Product(s) or Service(s): • Development of the new product Dictao Electronic Signature Book, already sold and deployed by the General Council of Seine-et-Marne and Ubifrance. • Development of an enhanced Eletronic Signature Book for online Banking and online contracting on an iPhone and on an iPad (in pilote phase in few banks) • Development of innovative security mechanisms to guaranty the same trust in a mobile environment as in a tarditional fixed environment. • Development of an interface to the Dictao Secure Storage Server (D3S) to archive document signed in the Electronic Signature Book and garanty their legal value over the years. • Development of an interface to the Dictao Access Control Server (DACS) to enable OATH mobile authentication.

◗ Job creation: • 1 Program Manager, • 1 Senior Architect, • 5 Development Engineers, • 2 interns.

Digital Trust & Security WG

92

COMPLETED PROJECT

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page93

Critical Infrastructure protection

Mobile Securization System for Critical Infrastructures

MOBISIC project deals with both local crisis (attack bombing in urban environment, in confined space such as an underground train tunnel …) and specific event securisation (football world cup, political meeting …). It consists in conceiving, developping and experimenting a mobile, modular ('plug and play') and multi-sensors securisation system. Capacity of fast deployment by non-specialized operators and high energetic autonomy are key features of the system.

PROGRESS BEYOND THE STATE OF THE ART ◗ Development and validation of an automatic discovery of heterogeneous sensors solution (plug and play architecture)

◗ Fast sensor integration to a mobile C2 with a wireless broad band connexion ◗ On live experimentations with Police Force and First responders (ENSOP, SDIS 77) ◗ Incresing of Technology Readiness Level in the field of indoor and outdoor UAVs, indoor localisation system, NRBCE sensors, on the move facial biometry, contact less authentification system, intrusion detection system based on video and audio analysis.

COMPLETED PROJECT

CONTACT Sophie CHAGUÉ THALES +33 (0)1 69 41 59 98 [email protected]

PARTNERS Large companies: ALCATEL-LUCENT, BERTIN TECHNOLOGIES, GEMALTO, MORPHO, SODERN, THALES SMEs: EVITECH, MAGELLIUM, POLE STAR Research institutes, universities: CEA, INRIA

PROJECT DATA Coordinator: THALES Call: FUI3 Start date: October 2007 Duration: 42 months

MAJOR PROJECT OUTCOMES

Global budget (M2): 9.4

◗ Publications: “Tools for nuclear and radiological risk characterization” by CEA LIST, HCFDC 2009 Price for Face On The Fly® by Morpho

◗ Patents: 4 patents by Gemalto around the contact less badge system, for example: “Contact less emulation per Bluetooth”, 1 patent in progress by CEA LIST “temporal fuzzy expert system”.

Funding (M2): 3.2 Related Systematic project(s): DESCARTES, LOCINDOOR, RAF, SIC

◗ Product(s) or Service(s): Video suitcase Evitech, biometric gate Morpho, HoverEye - EX UAV Bertin Technologies, ULIS RCE threat detector Sodern are now available on the market.

◗ Job creation: Making work 13 partners, MOBISIC project has strongly supported R&T during more than 3 years. One job has been created at Thales.

◗ Business creation: Common trade shows between Evitech and Alcatel-Lucent in progress.

Digital Trust & Security WG

93

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page94

Critical Infrastructure protection

NIMBLENET

NimbleNET COMPLETED PROJECT

The NimbleNET project deals with high data rate wireless networks offering scalable and flexible capabilities and able to support a great number of nodes. The objectives are fixed deployments requiring a high tolerance to failure, destruction and jamming for applications such as video surveillance of critical sites or overseas operations. Another operational mode is related to fast and temporary deployment for public safety or in case of crisis management after terrorism attacks.

CONTACT Frédéric GOURMELEN ÉOLANE +33 (0)1 69 82 20 00 [email protected]

◗ A typical network includes 50 to 200 nodes monitored by 1 to 5 supervision centers and located on an around 10 km side square. It is deployed in urban or suburban environment and its topology is based on a mesh centralized tree.

◗ The project results are highlighted by a demonstration involving adapted on the shelf devices for small configurations and by simulation.

PROGRESS BEYOND THE STATE OF THE ART ◗ The main technical innovation of the NimbleNET project is the combination, for the first time, of a set of techniques to improve the security and the flexibility of a wireless network made of a great number of nodes against attacks such as jamming and repeater destruction.

PARTNERS Large companies: THALES Intermediate size enterprises: EOLANE Research institutes, universities: TELECOM PARISTECH

◗ Well known solutions such as wide-band hopping techniques are mixed to innovative solutions such as Fast Electronically Steerable Antennas (FESA) coupled to the TDMA protocol of the WiMAX standard to ensure communications security and reliability. Scalability and flexibility of the network are managed by the application controlling the rate of the data flows and assured by the algorithms related to the dynamic topology control, allowing the network configuration update.

◗ By this way, the wireless network has extended radio coverage and is tougher to failure, destruction, jamming and interference. The radio characteristics are exploited by using in real time the available spectrum parts and mixing the frequency and spatial reuses. The loss of a relay or a supervision center is alleviated with an update of the network configuration defined dynamically by the topology algorithms.

PROJECT DATA Coordinator: EOLANE Call: FUI8 Start date: January 2010 Duration: 27 months Global budget (M2): 1.3 Funding (M2): 0.5 Related Systematic project(s): RAF

MAJOR PROJECT OUTCOMES ◗ The market approach is done, as well as the technical analysis. ◗ Development phase is done, on each topic required to fit the project requirements: low layers of the protocol stack, topological control, network monitoring and video application surveillance.

◗ Simulation models for topological control were running for huge networks and results are fruitful.

◗ Integration nearly close to be ready for experimentation starting soon…

Digital Trust & Security WG

94

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page95

Social and societal aspects, Social and Human Sciences

Normalisation et Sécurité globale. La formulation en normalisation du concept de sécurité globale

NOTSEG - Standardization and Societal Security. Standardization, a major sector of the economy, henceforth formulates rules concerning the security for citizens. Field of concerned standards: security management, information, coordination, communication and command systems, doctrine of use of technologies (NRBC, video surveillance).

PROGRESS BEYOND THE STATE OF THE ART Taking part in the issuing of standards at an international level (ISO TC223 and CEN TC 391). ◗ Supporting public authorities concerning specific topics such as business continuity and crisis management. ◗ Publishing in scientific and professional journals. ◗ Organizing an international conference (2012), taking part in scientific and professional conferences.

COMPLETED PROJECT

CONTACT Brigitte JUANALS UMR MODYCO, UNIVERSITÉ PARIS OUEST NANTERRE LA DÉFENSE +33 (0)6 77 24 07 95 [email protected]

PARTNERS Large companies: AFNOR, SECTOR Research institutes, universities: UTC COMPIÈGNE

PROJECT DATA Coordinator: CNRS -MODYCO

MAJOR PROJECT OUTCOMES

Call: ANR CSOSG Start date: February 2010

◗ Publications: Journals: • Juanals, B., Minel, J.L., 2012: 17-23. “Monitoring the S t a n d a rd i z a t i o n Writing Process, Theoretical Choices and Methodological Tools”, Journal on Systemics, Cybernetics and Informatics 10, 4 (2012) USA. • Dumortier T., 2012: 1607-1638, « La certification au service de l’Administration: essai de typologie et enjeux juridiques », Revue de droit public, 2012. • Picard J.-M., La Documentation française, 2011. « Sécurité globale: de Prague à Bangkok, les nouveaux enjeux de la normalisation technique ». Cahiers de la sécurité intérieure, INHES, Paris la documentation française. • Conferences: Lafréchoux M., Juanals B., Minel J.L., 2012: 563-575. « KONTRAST: création d’un glossaire contrastif à partir d’un corpus de normes internationales », in JADT (Journées internationales d’analyse statistique des données textuelles) 2012, Liège, Belgique • Picard J.-M., 2010. “Societal Security: First standards for business continuity and ISO 31000, concepts, similarities and differences”; communication avec actes, congrès LMU La Rochelle octobre 2010.

Duration: 36 months Global budget (M2): 0.7 Funding (M2): 0.3

Digital Trust & Security WG

95

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page96

Trust and security in large transactional systems - Cybersecurity and fraud prevention

ODYSSEE, Haut Débit Sécurisé COMPLETED PROJECT

Use of both encrypted high rate transmission and secure storage in small devices (USB key, MP3 key, smart cards…) increases rapidly. Thus it becomes necessary to dispose of high rate, low consuming cryptographic modules that must also be resistant against physical attacks. Stream ciphers are designed especially for high rate applications. They were recently renewed by the eStream project, but without real interest in their resistance against physical attacks.

CONTACT Blandine DEBRAIZE GEMALTO +33 (0)1 55 01 59 40 [email protected]

The goal of the Odyssee project is then to:

◗ ◗ ◗ ◗ ◗

Select stream ciphers adapted to embedded environments. Analyse their security against physical attacks. Develop countermeasures and test their validity. Measure and compare their performances.

Large companies: GEMALTO

Test their pertinence in real life applications.

PROGRESS BEYOND THE STATE OF THE ART The publications of the ODYSSEE's partners have shown that most stream ciphers are vulnerable to DPA (Differential Power Analysis) and DFA (Differential Fault Analysis). DFA attacks were precisely described on Grain-128, Snow 3G and Rabbit. Countermeasures to protect stream ciphers against DPA were developped and experimentally tested. Software and Hardware implementations of secured and unsecured stream ciphers were performed in embedded systems, allowing to take performance measures and make comparisons.

Research institutes, universities: CEA LETI, UVSQ

PROJECT DATA Coordinator: GEMALTO Call: ANR Start date: December 2006 Duration: 36 months Global budget (M2): 1.5

MAJOR PROJECT OUTCOMES

Funding (M2): 0.6

◗ Publications: All publications presented in conferences with program committee: • Susceptibility of eSTREAM Candidates towards Side Channel Analysis. - SASC 2008. • Fault Analysis of Grain-128. Guilhem - HOST 2009. • Fault Analysis of the Stream Cipher Snow3G - FDTC 2009. • Alexandre Berzati, Cécile Canovas-Dumas, Louis Goubin: Differential Fault Analysis of Rabbit: Toward a Secret Key Leakage, In Proceedings of Indocrypt 2009.

◗ Experimentations: • Smart cards software implementations of unsecured and secured stream ciphers were performed. This allowed to compare their performances with the performances of the AES and to validate the countermeasures. • FPGA hardware implementations of unsecured and secured stream ciphers were performed. This allowed to compare their performances with and without countermeasures and to choose the best stream cipher for a fast transmission of ciphered data. • The countermeasure validation were made by performing attacks on FPGA and smart cards implementations. This showed that unsecure stream ciphers are vulnerable and the secure ones are suffiently protected against physical attacks.

Digital Trust & Security WG

96

PARTNERS

Related Systematic project(s): SECURED ALGORITHM

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page97

Trusted Infrastructure for smart cities

OPTIMUM

Projet Coopératif pour le développement des technologies III/V en Ile-de-France

The OPTIMUM project aimed to foster the III / V value chain in Ile-de-France and to allow all the players to become key actors in the worldwide competition for those applications. By developping strong basic technologies for compound semiconductors materials and related electronic components, the consortium will provide any high performance or innovative hardware or devices required for the various development themes of the Pole.

COMPLETED PROJECT

CONTACT Jean-Luc LEDYS PICOGIGA INTERNATIONAL +33 (0)1 69 31 61 12 [email protected]

Main applications domains are:

◗ ◗ ◗ ◗

high data rate telecommunication networks (Optical fibers or WLAN), transportation and automotives (safety radars lighting, inboard networks), space (SatComs, observation, GPS infrastructure), and Security (detection, observation).

PARTNERS Large companies: ALCATEL-LUCENT III-V LABS, THALES, UMS

PROJECT RESULTS

Intermediate size enterprises: PICOGIGA INTERNATIONAL

◗ Product(s) or Service(s): Demonstrators: 40 Gbits/s transponder, chip set for car radar, chip set for 40 GHz WLAN.

◗ Patents:

SMEs: OMMIC Research institutes, universities: CNRS, IEF, TELECOMS PARIS, UPX

20 filed patents.

◗ Technologies: • Materials: development and industrialization of epitaxial structures for PHEMT, MHEMT and HBT devices on GaAS, InP or GaN sustrates. • Devices: Design and process technologies (including front end, packaging and test) for PHEMT, MHEMT and HBT (state of the art performances in Low Noise, Power, Linearity, bandwidth, and A/D signal processing).

◗ Publications: 35 publications or participation to international conferences.

◗ Job creation: 32 R&D jobs.

PROJECT DATA Coordinator: PICOGIGA INTERNATIONAL Call: FUI1 Start date: September 2006 Duration: 24 months Global budget (M2): 11.8 Funding (M2): 3.7

Digital Trust & Security WG

97

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page98

Critical Infrastructure protection

OSOSOSOS

OSOSOSOS is a Secure Open Source Operating System which Ought to be Simple

The ANR launched in 2008 a new type of call for projects: SEC&SI, where multiple teams are competing. The goal is the conception of an easy-to-use and secured operating system, which would allow standard (and risky) web browsing, but also to safely pay taxes, do e-banking or issue signed e-mails. This challenge will alternate conception phases and attack phases. The OSOSOSOS team selected containment with vserver. Special attention will be dedicated to the management of updates, the communication between vserser, and the management of user's personal data.

CONTACT

PROGRESS BEYOND THE STATE OF THE ART

PARTNERS

OSOSOSOS has demonstrated that vserver can be used as a containment technique with a low ressource consumption. Integration of a package management with the use of multiple vservers and encrypted disk is one of the key achievements of the project.

Louis GRANBOULAN EADS FRANCE +33 (0)1 46 97 31 76 [email protected]

Large companies: EADS DSS, EADS FRANCE Research institutes, universities: SUPELEC RENNES

PROJECT DATA Coordinator: EADS FRANCE Call: ANR Start date: October 2008 Duration: 24 months Global budget (M2): 0.3 Funding (M2): 0.1

MAJOR PROJECT OUTCOMES ◗ Experimentations: OSOSOSOS has gone through an intensive testing phase, in the context of the Défi SEC&SI.

Digital Trust & Security WG

98

COMPLETED PROJECT

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page99

Digital Trust for citizens

PAMPA

Password Authentication and Methods for Privacy and Anonymity

One of the main goals of this project is to develop new protocols with password authentication, which are not only more efficient but that can also provide a higher level of security. Towards this goal, we also intend to investigate the relationship between the different security models and the level of security that they provide. Next, we also consider new security aspects for group protocols with password authentication, including robustness, dynamicity, insider corruptions, and adaptive security. Another goal of our project is to design more practical one-time password systems by combining password-based and one-time password techniques. This could avoid for example having to trust the client machine, which seems hard to guarantee in practice due the existence of numerous viruses, worms, and Trojan horses.

COMPLETED PROJECT

CONTACT Louis GRANBOULAN EADS +33 (0)1 46 97 31 76 [email protected]

PARTNERS

PROGRESS BEYOND THE STATE OF THE ART

Large companies: EADS

PAMPA has improved the provable security of PAKE protocols, while minimizing the impact on performance. The project has introduced a new approach for Group PAKE where each participant appears twice on a ring, and this allows an efficient protocol for adding participants or merging groups. PAMPA has also worked on combining PAKE and OTP and combining PAKE with privacy preservation. On privacy, PAMPA has developed efficient protocols for signature delegation and for anonymous identity-based encryption and robust encryption. Four PhD students have been working on PAMPA topics. An open-source plugin for pidgin implements PAKE and Group PAKE. Project web page: https://crypto.di.ens.fr/projects:pampa:main

SMEs: CRYPTOLOG Research institutes, universities: ENS

PROJECT DATA Coordinator: EADS Call: ANR Start date: January 2008 Duration: 48 months Global budget (M2): 0.9 Funding (M2): 0.4

MAJOR PROJECT OUTCOMES ◗ Publications: • Contributory Password-Authenticated Group Key Exchange with Join Capability CT-RSA '11 • Smooth Projective Hashing for Conditionally Extractable Commitments - Crypto '09 • Robust Encryption - TCC '10 • Optimal Randomness Extraction from a Diffie-Hellman Element - Eurocrypt '09 • Anonymous Consecutive Delegation of Signing Rights: Unifying Group and Proxy Signatures - SICS '09

◗ Maintained jobs: 1

Digital Trust & Security WG

99

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page100

Social and societal aspects, Social and Human Sciences

Personnalization for identity and services COMPLETED PROJECT

In our world where so much data is exchanged,where institutions matter a lot about security, where citizens care about their private sphere, means of secure identification are needed. On the other hand, local authorities and service providers require a lot of flexibility to deploy proximity services or to enable security procedures specific to a compagny. The challenge lies in the design of procedures for administratives operations or home aid in an "open" environment: it means an environment where the different process co-exist without interfering with each other and without the emergence of security gaps.

CONTACT Jean-Loup DEPINAY OBERTHUR TECHNOLOGIES +33 (0)1 55 46 71 69 [email protected]

◗ The project targets to demonstrate the feasibility of such a platform.

PROGRESS BEYOND THE STATE OF THE ART The project has covered the following topics:

◗ Risk Analysis of Personalization in an unsecured environment: by defintion an archtecture including all the concerned actors applying to two main use cases (Daily Life Card and Corporate Card).

◗ Social acceptance and Legal framework an inquiry has been made among the city hall in France that has already some experience with Daily Life Card and a workshop with actors of the Region of Caen and the public transport to discuss about pratical and legal way to enable such systems.

PARTNERS Large companies: OBERTHUR TECHNOLOGIES, TRUSTED LABS, TRUSTED LOGIC SMEs: CEV GROUP, EURODEMAT, NBSTECH Research institutes, universities: ENSI CAEN, INRIA

◗ Design and implementation of two personalisation systems dedicated to the two use cases under consideration.

PROJECT DATA

MAJOR PROJECT OUTCOMES

Coordinator: OBERTHUR TECHNOLOGIES

◗ Experimentations: • Many use cases can illustrate Persepolis’s cases. In particular the initiators or the project have imagined a Multi Service Student card (“Carte d’Etudiant Multiservices” ou CEM). • An experimentation that illustrates that use case will be set up at EnsiCaen facilities from the 19th of April to 28th of May 2010. • 24 students, in 2nd year of engineer school specialized in electronic financial transactions via apprenticeship will be invited to participate to the experimentation set up by Persopolis Consortium from the 19th of April to the 28th of may 2010. They will be asked to test usage of a new concept of multiservice student card elaborated during Persopolis Project. • This experimentation will occur in a “electronic banking box” at EnsiCaen. This "box" is a glass room of around 20 m² in which we will install workstations and peripherals mandated by the fulfilment of the experimentation. • During the kick-off day planned on the 19th of April 2010 students, assigned in groups of 5 persons, will be invited to come and test different services proposed by the partners of the Persopolis project according to pre-defined scenarios (A different scenario will be proposed to each group). At the end of the experimentation, students will receive a questionnaire to get their opinions on proposed services, ergonomics and most important on the administration of them. • Following that day and until the 28th of May new test sessions will be organized while the partners will enrich the system. Access to the box, due to industrial confidentiality, will be securely controlled (badge and keys). So, those sessions will be supervised by an authorized person (This person will be a member of the teaching staff). • The set of deployed services will be simulated: access to library, school restaurant, exam access control, Public transport…) Students that will have access to the Multi services Persopolis Card will not be able to use it in the Real world.

Digital Trust & Security WG

100

Co-label: TES Call: FUI5 Start date: June 2008 Duration: 24 months Global budget (M2): 3.8 Funding (M2): 1.6

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page101

Trust and security in large transactional systems - Cybersecurity and fraud prevention

Plates-Formes de Confiance COMPLETED PROJECT

PFC addresses security issues for governmental applications and critical infrastructures such as transports, energy… It also aims at reducing Total Cost of Ownership of IT systems. The third issue involved ease-of-use and ergonomics. Indeed, PFC will enable:

◗ an authenticated trust framework, allowing to get rid of the multiple authentications by providing trust definition schemes between all systems;

CONTACT Elie ZNATY BERTIN TECHNOLOGIES +33 (0)1 38 30 62 81 [email protected]

◗ consolidation of all informations on a unique terminal allowing secure access to multiple independent networks, some secure and some “unsecure” such as Internet.

PROGRESS BEYOND THE STATE OF THE ART PFC platforms overcome the need for manual transfer of information between different systems or to perform multiple authentication by providing a highly secure and versatile architecture suitable to provide secluded access to different IT environments. PFC added value has been demonstrated on workstations and embedded systems

MAJOR PROJECT OUTCOMES ◗ Publications: • Géraud Canet, Pascal Cuoq and Benjamin Monate. A Value Analysis for C Programs. In 3rd IEEE International Workshop on Source Code Analysis and Manipulation (SCAM'09), 20-21 September 2009, Edmonton, Canada, 2009. • Jean-François Couchot, Alain Giorgetti and Nicolas Stouls. Graph-based Reduction of Program Verification Conditions. In Hassen Saïdi and N. Shankar, editors, AFM'09, colocated with CAV'09, pages 40-47. ACM Press, 2009. • Alain Giorgetti, Julien Groslambert, Jacques Julliand and Olga Kouchnarenko. Verification of class liveness properties with Java modelling language. IET Software, 2(6):500514, December 2008. • Benjamin Monate and Julien Signoles. Slicing for security of code. In Peter Lipp, AhmadReza Sadeghi and Klaus-Michael Koch, editors, TRUST, volume 4968 of Lecture Notes in Computer Science, pages 133-142, Springer, 2008. • Nicolas Rousset. Automatisation de la Spécification et de la Vérification d'applications Java Card. Thèse de doctorat, Université Paris-Sud, June 2008. • Julien Blond. Modélisation et implantation de politiques de sécurité dans des systèmes d'exploitation. Thèse d'Université. Université Pierre et Marie Curie Paris VI. Novembre 2010.

◗ Product(s) or Service(s): Bertin Technologies, with PFC project, has demonstrated the need for a secure operating system allowing strong and trustable separation between networks of different sensitivities Gemalto is marketing their parts of PFC project's results in its secure Token global solution Achatpublic-Forsup, as one one the SME in PFC, has been able to demonstrate the professional services offered by their security products Bull has integrated parts of PFC project's results in its global GLOBULL offer.

◗ Job creation: The number of job creation thanks to PFC is estimated around 10. To that figure, it is worth to quote that PFC project has been the opportunity for more than 4 PhD thesis at different locations.

PARTNERS Large companies: ALCATEL-LUCENT, BULL, EADS, GEMALTO, SAGEM SECURITE, THALES, TRUSTED LABS Intermediate size enterprises: BERTIN TECHNOLOGIES SMEs: APPLITEAM, DICTAO, FORSUP CONSEIL Research institutes, universities: CEA, ENS CACHAN, INRIA, LIP6, TELECOM PARITECH, TELECOM SUDPARIS

PROJECT DATA Coordinator: BERTIN TECHNOLOGIES Call: FUI2 Start date: March 2007 Duration: 36 months Global budget (M2): 17 Funding (M2): 5.3 Related Systematic project(s): TSC

Digital Trust & Security WG

101

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page102

Digital Trust for citizens

Personal Information Management through Internet

The future Internet will bring a growing number of networked applications (services), devices and individual data (including private ones) to end-users (citizens, consumers, employees). The important challenges are the organization of their access, and the guarantee of trust and privacy. The objectives of the PIMI project are the definition of a model-based design environment and a deployment platform for Personal Information Management System (PIMS). The future PIMS must provide the end-user personal data access with services that are relevant to his needs. In order to take mobility into account, the PIMS will be accessed both by mobile devices (smartphone) and Internet-connected Personal Computers.

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS ◗ ◗ ◗ ◗

Electronic trust in services. Secured private data transfer between PIMS and between services. Ergonomic Human Computer Interface including mobile ones. Service composition and re-composition based on end-users requirements (life events), on e-service trust and runtime feedback.

ON GOING PROJECT

CONTACT Olivier NICOLAS GENIGRAPHE-CITIZ +33 (0)5 34 60 92 83 [email protected]

PARTNERS SMEs: GENIGRAPH, MONTIMAGE Research institutes, universities: INRIA, IRIT, LRI, TELECOM SUDPARIS

◗ Quality of Service / Quality of Experience self adaptation. ◗ Advanced algorithms to monitor the PIMS, the private data and service accesses.

PROJECT DATA Coordinator: GENIGRAPH Call: ANR Start date: December 2010 Duration: 36 months Global budget (M2): 2.6 Funding (M2): 1.1 Related Systematic project(s): DESCARTES, MOBISIC

STATUS - MAIN PROJECT OUTCOMES The state of the art regarding personal information management systems and tools has been elaborated and a first version of the project case study has been defined and implemented for both web and mobile versions. Environment aware e-services are under investigation to allow dynamic composition based on QoS/QoE performance indicators and security properties. Event notification and management architecture is implemented and a set of quality and business indicators has been identified. First integrations of partners methods and tools within the PIMI is done.

Digital Trust & Security WG

102

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page103

Trust and security in large transactional systems - Cybersecurity and fraud prevention

Plate-forme d'Intégration de Services de COnfiance

PISCO project aims at providing a generic hardware platform including a cryptographic component resistant to hardware attacks, constituting a foundation for different applications requiring cryptographic services, and materialized as a network-connected appliance. The cryptographic component will be implemented using a FPGA-Based System-on-Chip (SoC), will be resistant to hardware attacks and will offer cryptographic services to several kinds of applications, as mobile communication, HF communications, time stamping, signature, etc.

ON GOING PROJECT

CONTACT Liliana CABALANTTI BULL +33 (0)1 30 80 63 95 [email protected]

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS PARTNERS PISCO project will implement technological innovations in relation to the state of the art of cryptographic systems and embedded security appliances. The performance optimization will be a major challenge for the cryptographic component reinforced to be able to counter attacks by covert channel and fault injection. PISCO will allow the implementation of countermeasures and experimentation in the use cases covering a variety of areas. An important innovation is to provide the ability to include third party applications into the HSM without compromising the security of the cryptographic part, while allowing these applications to benefit from the protection mechanisms instantiated in the appliance. The cryptographic component will provide the ability to "virtualize" the HSM by creating separate cryptographic partitions, property which will be used by a secure and multi-level operating system to contribute to the compartmentalisation of trust services.

Large companies: BERTIN TECHNOLOGIES, BULL, CASSIDIAN CYBERSECURITY Intermediate size enterprises: CS COMMUNICATION ET SYSTÈMES SMEs: CRYPTOLOG INTERNATIONAL, OPPIDA, SAFERIVER, SERPIKOM Research institutes, universities: CEA LIST, INRIA, TELECOM PARISTECH

PROJECT DATA Coordinator: BULL Call: FUI14

STATUS - MAIN PROJECT OUTCOMES

Start date: January 2013

PISCO project has as objective the establishment of business and / or technological partnerships to exploit the results obtained during the project. The target market is primarily that of the OEM integrator of security solutions. The consortium project allows multiple market segments to address: safety of mobile phones, secure HF communications, dematerialization of documents.

Duration: 24 months Global budget (M2): 9.5 Funding (M2): 2.9 Related Systematic project(s): BACCARAT, MARSHAL+, PFC

Digital Trust & Security WG

103

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page104

Trust and security in large transactional systems - Cybersecurity and fraud prevention

PRINCE

Proven Resilience against Information leakage in Cryptographic Engineering

The goal of the PRINCE project is to design new cryptographic schemes and countermeasures with a provable level of security against side-channel attacks. For this we must take into account every aspect of the implementation of secure systems, from the security protocols to the cryptographic algorithms and from these algorithms to their implementation on concrete devices. This is an industrial research project that brings together theoretical cryptographers and industrial experts in embedded security.

ON GOING PROJECT

CONTACT Jean-Sebastien CORON TRANEF +33 (0)1 79 30 91 95 [email protected]

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS The expected scientific results are new security models that take into account all possible physical attacks, and new cryptographic schemes and countermeasures that are provably secure in these (maximally extended) models, and that at the same time can be efficiently implemented even on embedded devices with low processing power such as smart cards. The PRINCE project is therefore quite ambitious since currently no known practical cryptographic primitives are known to achieve security against all attacks.

STATUS - MAIN PROJECT OUTCOMES Currently all existing implementations of classical cryptographic algorithms are only heuristically secure against a very restricted class of side-channel attacks. In a nutshell, the expected final outcome of this project is the design and implementation of cryptographic algorithms that can resist all possible physical attacks in a provable way.

PARTNERS Large companies: INGENICO AND GEMALTO, OBERTHUR SMEs: TRANEF Research institutes, universities: ECOLE NORMALE SUPÉRIEURE, UNIVERSITÉ DE VERSAILLES SAINT QUENTIN EN YVELINES.

PROJECT DATA Coordinator: TRANEF Call: ANR Start date: December 2010 Duration: 48 months Global budget (M2): 2.9 Funding (M2): 1

Digital Trust & Security WG

104

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page105

Critical Infrastructure protection

QUASPER

Qualification des Systèmes de Perception

For critical infrastructures, transports and automobiles, security requirements are intensifying. Whether perception systems are fixed or onboard, used technologies (sensors associated to algorithms) are often similar. Thus industrial and academic actors from the Security, Transportation and Automotive sectors have teamed up to face the main technological lock-in: the performance assessment of perception systems. QUASPER R&D had three operational objectives:

COMPLETED PROJECT

CONTACT Jean-François GOUDOU THALES +33 (0)1 69 41 59 96 jean-francois.goudou @thalesgroup.com

◗ contributing to the development of new technologies of sensors and perception systems;

◗ supporting the setting-up of European standards on functional performance qualifi-

PARTNERS

cation for perception systems;

◗ providing scientific and technological elements to help structure the development of a future operational platform.

PROGRESS BEYOND THE STATE OF THE ART Quasper R&D outcomes are:

◗ a defined qualification methodology for each domain based on specific scenarios; ◗ the specification of an initial corpus of reference data for several sensor types;

Large companies: AKKA, MORPHO, ST MICROELECTRONIC, THALES, VALEO Intermediate size enterprises: AFNOR SMEs: CITILOG, CIVITEC, DURAN DUBOI, ERTE, HGH, SOPEMEA Research institutes, universities: CEA LIST, INRETS, INRIA, INSTITUT D’OPTIQUE GRADUATE SCHOOL

◗ the specification of the complete platform architecture for sensors stimulation, results analysis and comparison;

◗ the setting-up of a European standard on functional performance qualification for perception systems.

PROJECT DATA Coordinator: THALES

MAJOR PROJECT OUTCOMES

Call: FUI9

◗ Publications: • Quasper, qualification des systèmes de perception, Colloque AVIRS 2010, Paris • Illustration du banc dynamique Quasper, journée VeDeCom, 2010 • Caractérisation de capteurs optiques, journée VeDeCom, 2010 • Outil de qualification de détection de piéton, journée VeDeCom, 2010

◗ Job creation: 3 ◗ Maintained jobs: 8

Start time: June 2010 Duration: 24 months Global budget (M2): 2.9 Funding (M2): 1.3 Related Systematic project(s): LOVE, MOBISIC, ODIAAC, SAFEAROUND, SIC, X-VISION

Digital Trust & Security WG

105

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page106

Critical Infrastructure protection

RECONSURVE

A Reconfigurable Surveillance System with Smart Sensors and Communication

EUROPEAN PROJECT

ON GOING PROJECT

The RECONSURVE project has been motivated by the need of better tackling the stakes and the increasing number and complexity of the maritime surveillance issues, such as illegal immigration management and illegal trafficking using small vessels. Data issued from heterogeneous sensors are used as input (unmanned aerial vehicles with imaging capability, sonar networks, AIS transmitters...), and the project focuses on detection, clustering/classifying, behavioral analysis and tactical situation awareness for decision making enhancement. A coherent processing network will be designed with interoperability interfaces between these heterogeneous systems, which will enable decision support capabilities and the execution of adapted responses for the globally evaluated situation.

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS ◗ The RECONSURVE system is composed of two sets of interacting architectural components.

David FAURE THALES +33 (0)1 69 41 56 88 [email protected]

PARTNERS Large companies: ASELSAN, CASSIDIAN SYSTEMS, THALES SMEs: EVITECH, GMTC, SRDC

◗ First, the proposed maritime surveillance system will contain electro-optic and infrared sensors, radar and sonar networks, deployed on ground, on boats, UAVs, land mobile platforms, satellites and underwater platforms. The provided data, as well as information from the existing AIS network, will be used in routing, safe navigation capabilities and deployment strategies for UAVs.

Research institutes, universities: ÉCOLE NAVALE/IRENAV, GREYC, TCGC, TÉLÉCOM BRETAGNE/ATOL

PROJECT DATA

◗ A Command and Control system will then be designed. A data processing block will first ensure detection of targets, classification, tracking and multilevel data fusion, and this information will be used in a preliminary threat analysis. This block will then feed a situational awareness block, which will be tasked with understanding the intentions of the target through its status/actions and its environment, and raising alerts accordingly. Moreover, an interoperability framework will be designed through a common language (ontology), to allow interfacing with other maritime surveillance systems.

STATUS - MAIN PROJECT OUTCOMES • Year 1: first operational and functional view of the system, specified and prioritized requirements. • Objective for year 2: define operational scenarios, develop a first version of the system blocks and the algorithms.

Digital Trust & Security WG

106

CONTACT

Coordinator: ASELSAN Call: EUREKA 4 Start date: January 2011 Duration: 48 months Global budget (M2): 11.7 Funding (M2): 3.6

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page107

Social and societal aspects, Social and Human Sciences

EUROPEAN PROJECT

ROLE-ID COMPLETED PROJECT

The purpose was to extend existing identity products and concepts in the field of identity management. Several new organisation-oriented identity modules were introduced and proved through demonstrators in the three main application domains addressed: healthcare, public safety and cyberdefense. The main objectives were to develop:

◗ An innovative concept of function in identity and virtual role user, to improve notions of context sharing and delegation.

CONTACT Aline ANDRILLON CASSIDIAN CYBERSECURITY +33 (0)1 61 38 81 57 [email protected]

◗ New means for organisations to model a great complexity of identities and roles and improve existing methodologies to administrate a complex organisation identity database.

◗ Self services tools such as user identify portal to let the user manage his credentials. ◗ Enhanced tools for identity provisioning that are relevant to real-life constraints.

PROGRESS BEYOND THE STATE OF THE ART

PARTNERS Large companies: CASSIDIAN CYBERSECURITY, EVIDIAN, INSTA DEFSEC LTD SMEs: ENTR'OUVERT, ILEX, SWID, UBISECURE

The project ended in October 2012. The role-ID role manager module was successfully deployed by ILEX on a French public customer contract. Several versions of self service user identity portals were deployed by Ubisecure in Finland during the project life. The solutions of Entr'Ouvert and SWID have also been improved thanks to the project and several demonstrations have been performed to partners' potential customers. As an indirect outcome of the project, an industrial partner has been setup between Cassidian Cybersecurity and ILEX, and another between Cassidian Cybersecurity and Institut Mines Telecom.

Research institutes, universities: INSTITUT MINES TELECOM, UNIVERSITY OF EASTERN FINLAND, UNIVERSITY OF OULU, VTT

PROJECT DATA Coordinator: CASSIDIAN CYBERSECURITY Co-label: ITEA2 Call: EUREKA 3

MAJOR PROJECT OUTCOMES

Start date: September 2009

◗ Publications:

Duration: 36 months

• Smatch: Extending RBAC Sessions in Virtualization Environment (ARES'2011') • Semantic Analysis of Role Mining Results and Shadowed Roles Detection (ARES'2012')

Global budget (M2): 9.9

• Towards Session-Aware RBAC Delegation: Function Switch (5th SETOP International Workshop on Autonomous and Spontaneous Security)

Funding (M2): 3.9

• A Decentralized Administration Model for Delegating and Negotiating Obligations. Journal of Multimedia Processing and Technologies (JMPT)

Related Systematic project(s): FC²

Digital Trust & Security WG

107

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page108

Critical Infrastructure protection

SafeAround COMPLETED PROJECT

SafeAround project consists in the design and the realization of a future perimetric protection demonstration system. The protected area can be a peri urban zone, a coastline, an open field countryside or a desert. SafeAround must allow highly reliable detections and an intelligent synthetic management of threats information. The designed system can detect and classify the intrusion of people, groups, vehicles, and flying objects in any directions of the hemispheric space. Different kinds of sensors such as a thermal infrared + visible light hemispheric imager, and a set of new generation geophonic sensors are linked to a common data fusion control console. The main goal of this project is to prove and illustrate the efficiency of the association of the optronic and the geophonic sensors in typical surveillance scenarios.

CONTACT Vincent LEBOUCHER HGH SYSTEMES INFRAROUGES +33 (0)1 69 35 47 70 [email protected]

PARTNERS

PROGRESS BEYOND THE STATE OF THE ART

Intermediate size enterprises: MARTEC-ERYMA

This Project allowed to built the first demonstrator of a system fusioning the following kinds of intrusion sensors:

SMEs: EVITECH, HGH, SYSTEMES INFRAROUGES

◗ Optronic IR+visible Hemispheric camera. ◗ Set of geophonic sensors.

Research institutes, universities: IEF

The fusion system allows computing detections coming from either single or multiple sensors. The integrated system is based on an Ethernet architecture using a modern standardized supervising protocole: SNMP. The optronic system is the first using uncooled IR detectors to perform hemispheric cameras. Furthermore, the visible and IR channels are integrated into a single system. The geophonic sensors allow an improved localization of the threats using the triangulation of the geophonic signals.

Coordinator: HGH SYSTEMES INFRAROUGES

MAJOR PROJECT OUTCOMES

Call: FUI2

◗ Product(s) or Service(s):

Start date: December 2006

The project led to the realization of a new kind of optronic sensor that may have a good life time due to its structural robustness. A new generation of geophonic sensor system was also optimized and is now a new product as its own. Its improved signal filtering process allows a better target classification and detection. The data processing monitoring and display system was specifically designed for the purpose of SafeAround. Its user friendly functions and its ability to present synthetic information from various sensors.

◗ Patents: The new scanning concept of IR panoramic imager using uncooled detectors is the object of a patent application file.

◗ Publications: The optronic sensor was presented to the scientific community during the OPTRO conference in Feb. 2010. A new article related to it was published: "Panoramic Images With Uncoled Detectors".

◗ Experimentations: The whole system was successfully tested in the ETBS in Bourges in June 2009. It was installed in realistic conditions, outside, in a place where it was possible to test the functions of the system, playing realistic scenarios of detection and tracking.

◗ Job creation: SafeAround made possible the hiring of about 10 engineers.

◗ Business creation: The turnover related to the commercial success of equipments designed thanks to the project SafeAround will reach 2.5M€ per year after 2012.

Digital Trust & Security WG

108

PROJECT DATA

Duration: 32 months Global budget (M2): 2.6 Funding (M2): 1.2 Related Systematic project(s): SIC

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page109

Critical Infrastructure protection

SAFEST

Social Area Framework for Early Security Triggers

Public spaces such as airports, railway stations or stadiums bring together large numbers of people to use a security-sensitive infrastructure. Electronic security systems help providing better, faster security, and safety for the general public, allowing for instance intrusion detection and monitoring of large crowds in order to provide guidance in case of unexpected events (e.g., a mass panic). However, current security systems are typically expensive, non-trivial to deploy, difficult to operate and maintain, prone to malfunction due to individual component failures, and generally lack citizen privacy-friendliness. SAFEST is a project that aims at providing a better system, more distributed based on sensor networking and more citizen-friendly, that will be demonstrated at the Berlin ariport at the end of the project.

ON GOING PROJECT

CONTACT Emmanuel BACCELLI INRIA +33 (0)1 69 33 41 01 [email protected]

PARTNERS

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS

Large companies: SAGEM

SAFEST proposes a novel approach to public area surveillance based on a distributed multi-sensor system, where low cost alerting sensors are deployed to detect suspicious events, video or image sensors are activated selectively. Various types of sensor nodes and sensors provide ad hoc gathering of information. Observation sensors will be completed by RFID for staff tracking and recognition or for baggage tracking or for detection of stolen objects. The distributed surveillance network will thus provide smart collecting and sharing information, coupled with advanced information analysis with high reliability required for security application, including easy integration within existing IP-based infrastructure. Distributed information management (image processing, multi-sensor correlation, data fusion) will provide global situation awareness, correlated to the site map, with the potential ability to couple situation anticipation and guidance system. These powerful software and hardware abilities are possible due to an innovative modular mix of cheap and yet powerful enough components for each node (configurable modules include cameras, small uncooled infrared cameras, audio sensors, light sensors, PIR sensors, GPS), as well as advanced energy consumption management.

SMEs: DAVIKO, FBS Research institutes, universities: FÖS, FRAUNHOFER, FREIE UNIVERSITAET BERLIN, HAMBURG UNIVERSITAET, INRIA

PROJECT DATA Coordinator: FREIE UNIVERSITAET BERLIN, INRIA

STATUS - MAIN PROJECT OUTCOMES

Call: ANR

Started May 1st 2012.

Start date: May 2012 Duration: 36 months Global budget (M2): 3 Funding (M2): 0.6

Digital Trust & Security WG

109

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page110

Comprehensive risk management, prevention and resilience

SAIMSI

Suivi Adaptatif Interlingue et Multi-Source des Informations

◗ Watch of the information on persons identified by the security services as having illegal activities. This watch is done over the internet using different kind of sources (social networks, specialized sites, news, RSS, …), different media (text and speech) and different languages (French, English, Arabic, Chinese). ◗ Processing of the variation of the spelling of proper names when using different alphabets like Latin, Cyrillic, Arabic or Chinese ideograms. Processing of homonyms for person names and place names. ◗ Interlingual information structuring based on both linguistic processing and professional knowledge. ◗ Identification of text or speech authors using multiple linguistic criteria (ngram, vocabulary, syntax) and vocal biometrics.

PROGRESS BEYOND THE STATE OF THE ART ◗ Information extraction from texts in 4 languages based on a general purpose deep morphosyntactic analysis and a semantics application-dependent extraction. ◗ Creation of a large ontology of the security that satisfies both a top down vision of the user needs and a bottom up vision of the knowledge that can possibly be extracted from texts. ◗ Synthetic vision of the knowledge whatever the source text language. ◗ Identification of persons even when they are homonyms or have names with variation of spelling. ◗ Processing of information in a flow (cumulative information). ◗ Recognition of a text’s author.

CONTACT Christian FLUHR GEOLSEMANTICS +33 (0)6 81 01 01 08 christian.fluhr @geolsemantics.com

PARTNERS Large companies: CASSIDIAN SMEs: GEOLSEMANTICS, MONDECA Research institutes, universities: IREENAT, LIP6

PROJECT DATA Coordinator: GEOLSEMANTICS Call: ANR/CSOSG 2009 Start date: January 2010

MAJOR PROJECT OUTCOMES ◗ Publications: • N. Martin and K. Khelif, "Focused Crawling Using Name Disambiguation on Search Engine Results", In Proceedings of European Intelligence and Security Informatics Conference (EISIC), Athens, Greece, September 12-14, 2011. • H. Saadane, A. Rossi, C. Fluhr, M. Guidère, “Transcription of Arabic Names into Latin”, 6th international conference (SETIT) , du 21 au 24 Mars 2012 à Sousse en Tunisie • C. Fluhr, A. Rossi, L. Boucheseche, F. Kerdjoudj, “Extraction of information on activities of persons suspected of illegal activities from web open sources”, conference LREC2012,workshop “language resources for public security applications”, 27 may 2012, Istanbul, Turkey • F.-M. Giraud, T. Artières, “Feature Bagging for Author Attribution”, in CLEF 2012, Rome, Italy • C. Fluhr, “Suivi Adaptatif Interlingue et Multisource des Informations, les apports de l’extraction de connaissances”, 11e Forum Européen IES 2012 - 10,12 Octobre 2012, Lille ◗ Patent: Linguistic geolocalisation EuroPCT n° 10762962.8 ◗ Product(s) or Service(s): • a deep general purpose morphosyntactic analysis for French, English, Arabic and Chinese • an application-oriented semantic extraction based on the preceding tool • a translitteration tool for Arabic, Chinese, French, English and German names • a cross lingual full text search engine • experimental tool to identify an author of a text • an extension of the Weblab open source platform with several modules for information gathering and preparation and for visualisation of results • an ontologie for security applications • a new inference service for reasoning on the knowledge base ◗ Job creation: 4 ◗ Maintained jobs: 4 ◗ Business creation: Semi automatic input of IBM I2 base from text documents

Digital Trust & Security WG

110

COMPLETED PROJECT

Duration: 34 months Global budget (M2): 3.2 Funding (M2): 1.3

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page111

Critical Infrastructure protection

SAMOSA

Microwave Scanner for Airport Security ON GOING PROJECT

SAMOSA project falls within the context of airport security. Its objective is to develop a system, based on microwave imaging technology, allowing the detection of embedded explosive on a flight passenger. The explosive could be carried closed to the body or implanted in the body of the passenger. This new technology has many advantages and could allow detecting explosives implanted in human body without revealing the intimate anatomy of passengers. The project is in the current tendency of developing advanced vision technology. However, addressing social and ethic aspects of this kind of systems, the project will bring a new lighting about civil security tools and their integration in civil society.

CONTACT Luc DUCHESNE SATIMO INDUSTRIES +33 (0)1 69 29 81 56 [email protected]

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS PARTNERS The main innovation is the use of the microwave frequency band. This would allow detecting explosive material carried closed to the body or implanted in the body of the passenger. The innovative technological concept is the development of a multiprobe scanner, with a multistatic imaging process. That would allow scanning the passenger in a very short time and would provide a global imaging with hot spots in case of presence of material explosive or any suspicious object. The intimate anatomy of passenger won't be revealing. The characterization of products that have to be detected and the qualification of the body environment have been done. Thus operating frequency band has been adapted to the dielectric characteristics of the different targets to be detected. The whole microwave architecture has been defined to permit a scan time in accordance with the specifications. Several demonstrators are currently in study to validate each technological stage. In parallel numerical simulations and backscattering measurements are running to serve imaging algorithms developments. Another innovative aspect of the project is the study of the social and ethic aspects that will bring a new lighting about the integration of new security tools. In this field problematic of human dignity and image are studied. Moreover a survey has been performed on the acceptability of security scanners with the French population. Results show a high level of acceptability which is very promising for the SAMOSA project.

Large companies: CEA GRAMAT, ONERA, STAC SMEs: SATIMO INDUSTRIES Research institutes, universities: GRSG, LAMIH, UNIVERSITE DE VALENCIENNES ET DU HAINAUT-CAMBRESIS

PROJECT DATA Coordinator: SATIMO INDUSTRIES Co-label: AEROSPACE VALLEY Call: ANR Start date: March 2011 Duration: 36 months Global budget (M2): 2 Funding (M2): 1

STATUS - MAIN PROJECT OUTCOMES The project began in March 2011. A state of the art review has been performed and the users and technical specifications have been defined. Dimensioning of the system has been done and ongoing technical actions are now focused on the feasibility and locks removal by using technological demonstrators. Studies on juridical and social acceptability aspects are currently going on.

Digital Trust & Security WG

111

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page112

Trust and security in large transactional systems - Cybersecurity and fraud prevention

Security and Analysis of Primitives of Hashing Innovatory and Recent 2

The main objective of the Saphir2 project is to follow and take part into the NIST competition about hash functions. There is no ambiguity that this competition is a unique opportunity to study hash functions and propose its own design, as the AES competition has been for block ciphers. The goals of Saphir2 project are:

◗ to propose and support hash function candidates, ◗ to cryptanalyse some of the candidates, ◗ to develop software and hardware implementations of some of the best candidates.

ON GOING PROJECT

CONTACT Jean-François MISARSKY FRANCE TELECOM ORANGE +33 (0)2 31 75 93 18 jeanfrancois.misarsky @orange.com

Thus, the SAPHIR 2 project may have a large impact, on the whole world cryptographic community.

PARTNERS

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS Saphir2 will deliver information and analysis on NIST hash candidates:

◗ ◗ ◗ ◗ ◗ ◗

inventory the use of hash-function in standards and evaluate the impact of using SHA-3, realize mathematical and physical cryptanalysis of NIST hash candidates, implement and optimize attacks on NIST hash candidates, realize software and hardware implementation and analysis of NIST hash candidates, study design criteria and impacts of using SHA-3 on applications,

Large companies: CASSIDIAN, FRANCE TELECOM ORANGE, GEMALTO, MORPHO SMEs: CRYPTOLOG INTERNATIONAL Other: ANSSI Research institutes, universities: INRIA, LIENS, UVSQ

follow-up and support of Saphir2 candidates.

STATUS - MAIN PROJECT OUTCOMES Saphir2 has 10 Tasks divided into 5 Work Packages. More than 10 deliverables published during the three first years. But, the main results will appear at the end of the project:

PROJECT DATA Coordinator: FRANCE TELECOM ORANGE Call: ANR

◗ 15 deliverables during the three first years, ◗ 6 deliverables at the end of project.

Start date: March 2009 Duration: 48 months Global budget (M2): 6.6 Funding (M2): 2.5

Digital Trust & Security WG

112

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page113

Trust and security in large transactional systems - Cybersecurity and fraud prevention

SCALP

Security of Cryptographic ALgorithms with Probabilities

Our day-to-day lives increasingly depend upon information and our ability to manipulate it securely. For this reason much effort is put on developing systems with guaranteed security properties. The development of information security systems has to evolve from an art to a science. To this end, engineers need tools that assist them in developing security systems with provable security guarantees. The aim of the SCALP project is to develop general computer-aided tools for verifying cryptographic systems with strong correctness guarantees. These tools should have the following characteristics:

◗ ◗ ◗ ◗

Support the provable and exact security frameworks.

ON GOING PROJECT

CONTACT Yassine LAKHNECH UNIVERSITY OF GRENOBLE 1 +33 (0)4 56 52 03 81 Yassine.Lakhnech @ujf-grenoble.fr

Be reasonably automated. Be applicable to realistic systems. Put emphasis on proof checkability and certification.

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS No matter how carefully crafted cryptographic systems are, experience has shown that effective attacks can remain hidden for years. This may be caused by poor design or often unclear and poorly defined security properties and assumptions. Therefore, provable security, where new systems are published with a rigorous definition of their security goals and a mathematical proof that they meet their goals, is being increasingly advocated. While the adoption of provable security significantly increases, the complexity and diversity of designed systems tend to increase too. Hence, it is largely agreed on that the point has been reached where it is no longer viable to construct or verify cryptographic proofs by hand (Bellare& Rogaway 2004, Shoup 2004, Halevi 2005) and that there is a need for computer-aided verification methods for cryptographic systems. The goal of this project is to achieve a major step towards building automated tools for the verification of cryptographic systems. In order, to reconcile generality, imposed by the high diversity of cryptographic systems, and automation, we shall build our tools upon Coq.

PARTNERS Research institutes, universities: CNAM, CNRS, ENS LYON, INRIA, UNIVERSITY OF GRENOBLE 1

PROJECT DATA Coordinator: UNIVERSITY OF GRENOBLE 1 Co-label: SCS Call: ANR Start date: January 2008

STATUS - MAIN PROJECT OUTCOMES

Duration: 48 months

An automated tool for the verification and certification of cryptographic systems. We managed to prove encryption schemes such as IND-CCA OAEP, signature schemes such as FDH and PSS and water marking algorithms.

Global budget (M2): 1.2 Funding (M2): 0.5

Digital Trust & Security WG

113

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page114

Digital Trust for citizens

SECULAR

Secure and Large image databases indexing ON GOING PROJECT

Since their invention, content based image retrieval systems (CBRS) and biometric systems have evolved separately. This is due to the fact that they originate from different research and industrial communities. The Basic Research project described in this application, called SecuLar, groups researchers from both communities who have observed that both type of systems have indeed a lot in common in terms of goals and technological blocks. These techniques are used, however, in quite different settings possibly explaining the gap between the two. The people involved in this SecuLar project believe that what is specific to each family of approach can now benefit the other for the two following fundamental reasons.

CONTACT

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS

PARTNERS

◗ There are many initiatives related to the protection of biometric data. However, there is no known practical solution, which is secure, accurate and computationally efficient. The scientific challenge is the indexing of a large collection of protected data in order to foster the search of the nearest neighbours of a protected query.

◗ Content Based Retrieval Systems manage large scale collections of multimedia con-

Teddy FURON INRIA RENNES +33 (0)2 99 84 71 98 [email protected]

Large companies: MORPHO Research institutes, universities: GREYC, INRIA RENNES, TELECOM PARISTECH

tents. The focus of SecuLar is on ‘confidentiality’ and ‘privacy’, concepts completely absent from the vocabulary of the CBRS community. This functionality is offered by Private Information Retrieval protocol, whose complexity is prohibitive and inadequate when tackling multimedia objects.

◗ The knowhow of the face recognition community is the design of efficient algorithms for the robust detection and the discriminative description of faces. However, these methods were almost never coupled to an indexing strategy, and their metrics are very specific and quite exotic for general-purpose CBRS indexing methods. This is the technical bottleneck explaining why no fast search over large collections of faces exists today. The second technical challenge is the evaluation of the security of face recognition.

PROJECT DATA Coordinator: INRIA RENNES Co-label: IMAGES & RÉSEAUX Call: ANR Start date: September 2012 Duration: 36 months Global budget (M2): 2 Funding (M2): 0.6

STATUS - MAIN PROJECT OUTCOMES The final product of SecuLar is naturally emerging from the above mentioned technical challenges: it is the architecture of a global system performing fast identification of individual faces from a very large collection of protected templates. This system is secure, enabling confidentiality and privacy so that the database could be public. The best procedure to delude the face recognition and its performance (probability of successful hack vs. distortion) are well established.

Digital Trust & Security WG

114

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page115

Trust and security in large transactional systems - Cybersecurity and fraud prevention

SECURED ALGORITHM

Secured Algorithm for platform subject to physical attacks

While implemented on embedded devices, cryptographic algorithms become vulnerable to numerous physical attacks such as side channel attacks and fault attacks. In order to protect embedded cryptographic implementations, developers have to design appropriate countermeasures which often induce an important overhead in their performances. This overhead could be significantly reduced if cryptographic algorithms were designed with specific criteria. Secured embedded systems could then have their own standards, appropriate for their uses and their constraints. The main issue of this project is to analyze the security of cryptographic primitives vs. the efficiency of their secured implementation as well as to define a symmetric cryptographic algorithm specific to embedded applications.

PROGRESS BEYOND THE STATE OF THE ART Results have been obtained through a better modelisation of physical leakages: estimation of probability density functions, use of mutual information analysis, estimation of the efficiency of EMA… New significant contributions have also been obtained regarding countermeasures against side-channel attacks, particularly masking. Finally, the overall structure of a new block cipher taking the expertise acquired into account has been fixed; we are still working on a detailed specification of the block cipher components. Practical implantations of the block cipher are also foreseen.

COMPLETED PROJECT

CONTACT Gilles PIRET OBERTHUR TECHNOLOGIES +33 (0)1 47 85 40 15 [email protected]

PARTNERS Large companies: OBERTHUR TECHNOLOGIES, THALES Intermediate size enterprises: NAGRA Research institutes, universities: TELECOM PARISTECH, UNIVERSITÉ PARIS 8, UNIVERSITÉ VERSAILLES SAINT QUENTIN

MAJOR PROJECT OUTCOMES PROJECT DATA

◗ Patents: 3. ◗ Publications: • Higher Order Masking and Shuffling for Software Implementations of Block Ciphers -- CHES 2009. • First-Order Side-Channel Attacks on the Permutation Tables Countermeasure -CHES 2009. • Evaluation of Countermeasure Implementations Based on Boolean Masking to Thwart Side-Channel Attacks. -- SCS 2009. • Overview of Dual Rail with Precharge Logic Styles to Thwart Implementation -- Level Attacks on Hardware Cryptoprocessors. -- SCS 2009. • Mutual Information Analysis: a Comprehensive Study -- Journal of Cryptology. • Theoretical and Practical Aspects of Mutual Information Based Side Channel Analysis -- IJACT 2010. • Unrolling Cryptographic Circuits: A Simple Countermeasure Against Side-Channel Attacks. -- CT-RSA 2010. • About Probability Density Function Estimation for Side Channel Analysis -- F. Flament, H. Maghrebi, -- COSADE 2010. • Side-Channel Analysis based on Rainbow Tables -- S. Guilley -- COSADE 2010. • The Variance Power Attack -- P. Hoogvorst -- COSADE 2010. • Towards a Third Order Side Channel Analysis Resistant Table Recomputation Method -- COSADE 2010. • Evaluation of Power-Constant Dual-Rail Logics Counter-Measures against DPA with Design-Time Security Metrics -- IEEE Transactions on Computers. • Efficiency of Far EMA for different distances between the antenna and the FPGA -DATE 2010. • BCDL: A High Speed Balanced DPL for FPGA with Global Precharge and no Early Evaluation -- DATE 2010.

Coordinator: OBERTHUR TECHNOLOGIES Call: FUI5 Start date: September 2008 Duration: 30 (=24+6) months Global budget (M2): 2.3 Funding (M2): 0.9

Digital Trust & Security WG

115

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page116

Trusted Infrastructure for smart cities

SEFPGA

Secured FPGA COMPLETED PROJECT

This project aims at improving the security of FPGAs embedding cryptographic applications. The goal is to study countermeasures to fight side-channel attacks and fault attacks against the programmed cryptoprocessor. The protections are studied at different levels: intrinsic, i.e. depend on the FPGA architecture, or extrinsic, i.e; depend on the application netlist . The FPGA topology is either Mesh-based, which corresponds to a matrix shape which is used in off-the-shelf FPGAs, or tree-based which is a new custom structure. The intrinsic security will be carried out by a test chip of the treebased FPGA. The extrinsic security will lead to a CAD tool which can add different countermeasures at the design flow stages and allow the designer to find the best compromise between complexity and robustness.

CONTACT Jean-Luc DANGER TELECOM PARISTECH +33 (0)1 45 81 81 17 [email protected]

PARTNERS

PROGRESS BEYOND THE STATE OF THE ART

Research institutes, universities: LIP6, TELECOM PARISTECH

There are two major scientific achievements in this project.

◗ To provide a secure FPGA design flow which allows the designers to add.robustness properties. At the front end stage this is obtained by taking advantage of differential logic styles as WDDL, BCDL which permit the balance of the consumption. The back end stage depends on the FPGA topology. Specific partitioning and routing algorithms have been obtained for tree-based FPGAs.

Coordinator: TELECOM PARISTECH

◗ A novel custom FPGA which has a tree topology. This circuit is designed in 65nm technology and is able to received the protected DES algorithm bitstream by using a differential logic type.

Call: ANR Start date: January 2008

MAJOR PROJECT OUTCOMES

Duration: 45 months

◗ Publications: 11 • E. Amouri, Z. Marrakchi, H. Mehrez. Security-Centric FPGA CAD Tools to Balance Dual-Rail Routing in WDDL Designs. A apparaître dans Southern Programmable Logic Conference, Argentina, 2011. • E. Amouri, Z. Marrakchi, H. Mehrez. Controlled Placement and Routing Techniques to Improve Timing Balance of WDDL Designs in Mesh-Based FPGA. 2010 IEEE Asia Pacific Conference on Circuits and Systems (APCCAS'2010), Kuala Lumpur, Malaysia, December 2010. • E. Amouri, Z. Marrakchi, H. Mehrez. Impact of Dual Placement on WDDL Design security in Mesh-Based and Tree-Based FPGAs. 2010 IEEE Conference on Ph.D. Research in MicroElectronics and Electronics (PRIME'2010), berlin, Germany, July 2010. • E. Amouri, H. Mrabet, Z. Marrakchi, H. Mehrez, Placement and routing techniques to improve delay balance, IEEE International Conference on Electronics, Circuits, and Systems, 2009, Hammamet, Tunisia. • E. Amouri, Z. Marrakchi, H. Mrabet, H. Mehrez, Improving the Security of Dual Rail Logic in FPGA Using Controlled Placement and Routing, International Conference on Reconfigurable Computing and FPGAs, 2009, Cancun, Mexico.

◗ Patents: J. L. Danger, S. Guilley et P. Hoogvorst, (2008), Procédé de protection de circuit de cryptographie programmable et circuit protégé par un tel procédé, Rapport de recherche, n° FR 08 51904.

◗ Business creation: This project contributed to help the Telecom ParisTech and LIP6 spin-offs: secure-ic http://ww.secure-ic.com and flexras http://www.flexras.com)

Digital Trust & Security WG

116

PROJECT DATA

Global budget (M2): 0.8 Funding (M2): 0.4 Related Systematic project(s): SECURED ALGORITHM

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page117

Trust and security in large transactional systems / Cybersecurity and fraud prevention

Symmetric Encryption with QUantum key REnewal

The main goal of the project SEQURE (Symmetric Encryption with QUantum key REnewal) is to develop a complete system capable of performing fast data encryption over an installed fibre optics link, with extremely high security standards. Quantum Key Distribution (QKD) is combined with Symmetric Encryption in order to allow a fast renewal of highly secure session keys. The project gathers two industrial partners (Thales Research and Technologies: TRT and Thales Communications: TCF) and two academic partners (Telecom ParisTech: TP and Institut d’Optique Graduate School: IOGS), in order to develop and implement all aspects of a high-speed encrypted link, including quantum security proofs and hardware, symmetric encryption appliances, up to network protocols allowing field demonstration of the system.

PROGRESS BEYOND THE STATE OF THE ART We have developed a quantum cryptography prototype based on continuous variable producing secret keys at a rate over 1 kbit/sec at 25 km. It is interfaced with Thales Mistral Gbit appliances allowing symmetric encryption at the Gbit/sec rate. The overall security is increased using the secret keys for fast renewal of the symmetric algorithm session keys. The whole set-up as been implemented on a fiber optics link installed between two Thales subsidiaries in Palaiseau and Massy. It has been operated for six month producing secret keys at a 600 bit/sec rate and allowing for session key renewal every 10 sec.

MAJOR PROJECT OUTCOMES

COMPLETED PROJECT

CONTACT Thierry DEBUISSCHERT THALES RESEARCH & TECHNOLOGY +33 (0)1 69 41 55 50 thierry.debuisschert @thalesgroup.com

PARTNERS Large companies: THALES RESEARCH & TECHNOLOGY, THALES COMMUNICATIONS (TCF). Research institutes, universities: TELECOM PARISTECH (TP) AND INSTITUT D’OPTIQUE GRADUATE SCHOOL (IOGS)

◗ Publications: • R. Alléaume et al., "Secoqc White Paper on Quantum Key Distribution and Cryptography", quant-ph/ 0701168 submitted to the special issue of TCS for the 25th anniversary of BB84.http://www.iota.u-psud.fr/~sequre/Publications/Publications.htm • S. Fossier, E. Diamanti, T. Debuisschert, A. Villing, R. Tualle-Brouri, and P. Grangier. “Field test of a continuous-variable quantum key distribution prototype”. New J. Phys., 11(4): 045023, 2009. • A. Leverrier, P. Grangier, "A simple proof that Gaussian attacks are optimal among collective attacks against continuous-variable quantum key distribution with a Gaussian modulation", Phys. Rev. A 81, 062314 (2010). • A. Leverrier, P. Grangier, "Continuous-variable quantum key distribution protocols with a non-Gaussian modulation" arXiv:1101.3008.

◗ Patents: Leverrier Anthony [FR]; Grangier Philippe [FR], Procédé de distribution quantique de clés à variables continues, FR2933833 (A1), 2010-01-15.

◗ Product(s) or Service(s): High security communication link combining fast classical algorithm and quantum key distribution.

◗ Job creation: One scientist has been recruited by the start-up SEQURENET in order to develop quantum key distribution prototypes.

PROJECT DATA Coordinator: THALES RESEARCH & TECHNOLOGY Call: ANR Start date: January 2008 Duration: 36 months Global budget (M2): 1.4 Funding (M2): 0.6

◗ Business creation: The know-how on continuous variable quantum key distribution has been transferred to the startup SEQURENET. The objective is to develop products exploiting quantum key distribution.

Digital Trust & Security WG

117

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page118

Critical Infrastructure protection

Sécurité des Infrastructures Critiques COMPLETED PROJECT

The SIC project adresses the securisation of critical infrastructures with innovative solutions enabling to cope with the present and future threats. It includes:

◗ technological developments of a variety of smart sensors, ◗ a proof of concept of a new system integrating sensors and implementing a smart alarm management based on complex event processing. This project has been led in close cooperation with the operators of critical infrastructures in the Paris area and the supervisory authorities, all the while being in coherence with the French and European initiatives.

PROGRESS BEYOND THE STATE OF THE ART The SIC system implements innovative sensors, among which:

◗ smart video cameras with algorithms allowing tracking of persons or detection of abnormal behaviours and intrusions,

Guy PANAGET THALES DSC +33 (0)6 08 36 45 90 [email protected]

PARTNERS Large companies: ALCATEL-LUCENT, BERTIN TECHNOLOGIES, BULL, EADS, GEMALTO, MORPHO, RATP, SODERN, THALES SMEs: TRUSTED LOGIC

◗ biometric sensors for access

Research institutes, universities: CEA, INRIA, TELECOM SUDPARIS, UNIVERSITE PARIS-SUD

control,

◗ sensors able to detect and qualify NRBC agents. The SIC middlewares have been developed in order to integrate all the alarms coming from the sensors and to present the operator with a high level alarm for an easier understanding of the current situation. This is made possible thanks to the implementation of a CEP (Complex Event Processing) engine and the writing of CEP rules based on the infrastructure risk analysis.

PROJECT DATA Coordinator: THALES Call: FUI1

MAJOR PROJECT OUTCOMES

Start date: October 2006

◗ Publications: 3 publications. ◗ Patents: FR2927713 (A1) Dispositif d'acquisition d'empreintes digitales à la volée.

◗ Product(s) or Service(s): • The CEP module will be integrated in the supervisors offer by 2014. • Bertin chemical gas detection "SecondSight" equipment is now proposed for indoor surveillance. • Several new products should be put on the market (from 2012 to 2016): Bull intrusion detection video equipment, Gemalto authentification solution, Morpho's Finger On the Fly® biometric equipment, Telecom SudPAris signature reconnaissance pad, Thales Communications video compression system, etc.

◗ Job creation: 13 jobs have been created and 43 preserved.

◗ Business creation: • The INRIA has tranfered the SIC know-how to Keeneo, firm in charge of the commercialization of videosurveillance technologies developped by the INRIA team. • The SIC team had a leading action in order to have the ISO edit new metadata video standards which will be a business booster from 2012 onward.

Digital Trust & Security WG

118

CONTACT

Duration: 45 months Global budget (M2): 24.9 Funding (M2): 7.4 Related Systematic project(s): KIVAOU, MOBISIC, VIDEO ID

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page119

Security Innovation Cluster

EUROPEAN PROJECT

SIGNATURE

COMPLETED PROJECT

The European Security Innovation Network is funded through INTERREG IVb NWE and aims to expand the existing security sector cluster infrastructure within North West Europe and become a leading European security network. The network aims to address market failures in the security sector, to break down existing barrier to cooperation in Europe, and to increase Europe's security and global competitiveness by developing and integrating European security sector clusters.

CONTACT Ben ATTFIELD NGAGE SOLUTIONS LIMITED +44 (0)1494 568 953 [email protected]

PROGRESS BEYOND THE STATE OF THE ART A transnational online market place for firms to identify the expertise; knowledge; and business/research opportunities needed to expand and grow their businesses. Members access: • Actionable business Opportunities • Events • A database of Security expertise to build a professional network; • Valuable knowledge about market developments in the European Security Sector; • Other online tools that can help collaboration with other Security Innovators. Facilitation of collaboration for the projects: • FP7 FIRE project • Franco-German project MAPPS • FP7 (RoK) “Be wiser”… A 2 month desk research project looking at existing sector mapping, using existing security reports, studies and research.

PARTNERS Large companies: ADS GROUP (UK TRADE ASSOCIATION) SMEs: NGAGE SOLUTIONS LIMITED (UK NOT FOR PROFIT), LSEC (BE INFOSEC CLUSTER) The network also has three associate partners: FUTURE URBAN SECURITY BADEN-WŰRTTEMBERG (DE), MADRID NETWORK (ESP), TELETRUST (DE)

PROJECT DATA Coordinator: NGAGE SOLUTIONS LIMITED Call: INTERREG IVB NWE Start date: April 2009 Duration: 50 months Global budget (M2): 1.9 Funding (M2): 0.9

Digital Trust & Security WG

119

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page120

Critical Infrastructure protection

SMARTVISION

Système multi senseur de détection d’objets cachés pour une meilleure gestion du flux passager

The SmartVision project deals with the development of an innovative multi-sensor system for detecting suspicious objects which are concealed on moving human bodies. A first part consists in optimizing a passive commercial millimeter wave (mmW) detector by adding a phase mask in order to increase the depth of field of the system. The second part concerns the development of an active mmW imager based on synthetic aperture radar in order to obtain more accurate data about the suspect area first detected by passive imager (shape, nature of the material…). These two sensors will be then integrated and tested in a non-collaborative passenger screening system in order to demonstrate theirs performances to the end users.

PROGRESS BEYOND THE STATE OF THE ART ◗ Improvement of the performances of a commercial full field millimeter-wave imager. ◗ Development of a low-cost focused active millimeter-wave imager at 77 GHz. ◗ Development of advanced video analysis algorithms for the detection of suspicious areas on millimeter-waves images.

◗ Integration of these sensors and algorithms in a global system for automatic inspection of a pedestrian: 'on-the-move' screening procedure.

COMPLETED PROJECT

CONTACT Thierry LAMARQUE THALES SERVICES +33 (0)1 69 41 55 23 thierry.lamarque @thalesgroup.com

PARTNERS Large companies: CEA LIST, THALES RESEARCH & TECHNOLOGY, THALES SERVICES SMEs: ATELIERS LAUMONIER, SART Research institutes, universities: CERAPS, INSTITUT TELECOM, LABORATOIRE C. FABRY, INSTITUT D'OPTIQUE GRADUATE SCHOOL

MAJOR PROJECT OUTCOMES ◗ Publications: • Système multi-senseur de détection d’objets cachés pour une meilleure gestion du flux passager (SMARTVISION) - WISG 2011, Troyes. • Multi-sensor millimeter-wave system for hidden objects detection by non-collaborative screening - SPIE Defense, Security & Sensing 2011, Conference 8022, Orlando, USA.

PROJECT DATA Coordinator: THALES SERVICES Call: ANR Start date: June 2009 Duration: 27 months Global budget (M2): 1.8 Funding (M2): 0.8 Related Systematic project(s): MOBISIC, SIC

Digital Trust & Security WG

120

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page121

Critical Infrastructure protection

Smart system based on dedicated Optical Fiber Sensing cable and distributed measurement for perimetric detection

The aim of SmartFence project was to develop an integrated system devoted to permanent monitoring of critical infrastructures perimeters. The technology, based on Optical Fiber Sensing and Brillouin scattering remains operational 24/7 in any weather conditions, and is easy to deploy on fences (CEA patented solution). This distributed fiber sensing system allows to determine in real time the profile of strains along the dedicated fiber cable attached to the fence with a remote localization of 1 m resolution, up to tens of kilometres range, and is able to detect and localize any intrusion attempt.

COMPLETED PROJECT

CONTACT Dr Pierre FERDINAND CEA LIST +33 (0)1 69 08 83 39 [email protected]

PROGRESS BEYOND THE STATE OF THE ART PARTNERS The approach is based on the fiber optic distributed technology. Sensitive fibers are used as continuous transducers up to tens of kilometers range. Based on a straightforward optical measurement, this approach addresses many of the difficulties inherent in the more traditional methods. During the project several sensing cables have been developed and tested on various fences with the help of commandos, in order to select the optimum design and to validated the deployment procedure, the software detection and the data processing.

Large companies: ACOME, RTE, SITE SMEs: SITE Research institutes, universities: CEA LIST, CEA SPACI

MAJOR PROJECT OUTCOMES ◗ Publications: • M. Giuseffi, V. Dewynter, P. Ferdinand, S. Magne, S. Rougeault, J.-M. Palut, M. Pinabiau, C. Canepa, J.C. Darocha, B. Gauvain, A. Le Gall, D. Lenan, R. Blin, S. Piot, J.-F. Sageau, L. Devatine et G. Pasteur, Barrière intelligente à haute efficacité de détection et localisation précise d’intrusion à fibres optiques pour la surveillance périmétrique de sites sensibles. Conférence WISG'08, 29-30 jan. 2008. • P. Ferdinand, M. Guiseffi, V. Dewynter, S. Magne, C. Prudhomme, S. Rougeault, J.-M. Palut, M. Pinabiau, C. Canepa, J.-C. Da Rocha, A. Le Gall, S. Cabon, R. Petit, R. Blin, S. Piot, J.-F. Sageau, L. Devatine et G. Pasteur, Le projet SmartFence: vers une surveillance périmétrique des sites sensibles par fibres optiques, WISG’09 - Workshop Interdisciplinaire sur la Sécurité Globale, Université de Technologique de Troyes, 27 & 28 janvier 2009. • M. Giuseffi, V. Dewynter, P. Ferdinand, S. Rougeault, J.-M. Palut, M. Pinabiau, C. Canepa, J.-C. Da Rocha, A. Poulain, R. Blin, S. Piot, J.-F. Sageau, L. Gourit, D. Brunet et C. Finck, SmartFence: une barrière intelligente au service de la surveillance périmétrique par fibres optiques des sites sensibles, WISG’10 - Workshop Interdisciplinaire sur la Sécurité Globale, Université de Technologiquee de Troyes. • M. Giuseffi, D. Quenson, S. Rougeault, P. Ferdinand, J.-M. Palut, M. Pinabiau, C. Canepa, J.-C. Da Rocha, A. Poulain, R. Blin, S. Piot, J.-F. Sageau, H. Lancon, C.H. Pourchier, H. Fievet, L. Gourit, D. Brunet et C. Finck, SmartFence: un système de surveillance périmétrique basé sur des Capteurs à Fibres Optiques répartis par rétrodiffusion Brillouin, WISG’11 - Workshop Interdisciplinaire sur la Sécurité Globale, Université de Technologiquee de Troyes, 25 & 26 janvier 2011. • M. Giuseffi, N. Roussel, S. Rougeault, P. Ferdinand, M. Pinabiau, C. Canepa, J.-C. Da Rocha, A. Poulain, R. Blin, S. Piot, L. Gourit, D. Brunet et C. Finck, SmartFence: Où comment les fibres optiques et l'effet Brillouin peuvent assurer la sécurité périmétrique des sites sensibles, WISG’12 - Workshop Interdisciplinaire sur la Sécurité Globale, Université de Technologiquee de Troyes, 24 & 25 janvier 2012. • M. Giuseffi, P. Ferdinand, N. Roussel, S. Rougeault, M. Pinabiau, C. Canepa, J.-C. Da Rocha, A. Poulain, R. Blin, S. Piot, L. Gourit, D. Brunet et C. Finck, Smart System based on dedicated optical fiber sensing cable and distributed measurement for perimetric detection, OPTRO-2012, 8-10 feb. 2012, Paris, France.

PROJECT DATA Coordinator: CEA LIST Call: ANR Start date: March 2008 Duration: 45 months Global budget (M2): 1.5 Funding (M2): 0.8

◗ Patents: S. Rougeault, V. Dewynter, M. Giuseffi, P. Ferdinand, et M. Pinabiau, Système de surveillance périmétrique par fibre optique, déposé à l'INPI le 1er septembre 2010 (réf. BD11041 BH).

◗ Business creation: This project convinces ACOME to launch an external buisiness unit ti push such detection technology on the market.

Digital Trust & Security WG

121

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page122

Critical Infrastructure protection

SMARTMESH ON GOING PROJECT

Definition and experimentation of an autonomous, distributed, discrete, modular, reconfigurable surveillance system for several sites, mainly isolated and powerless.

◗ Main challenge of the project is to design and realise a autonomous, wireless, generic, modular network of sensors (acoustic, video, seismic, PIR) including a secure communication, an optimised power system and an embedded computer.

◗ The reduction of the global consumption is a major goal of the project through a gen-

CONTACT Caroline SENZIER SAGEM DEFENSE SECURITE +33 (0)1 58 11 97 28 [email protected]

eral approach of the design using low power equipment, efficient power management and smart algorithms of fusion and communication.

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS ◗ To define an architecture for an autonomous sensor dedicated to security, modular and based on existing standards, allowing to fulfill the needs for surveillance of closed or open areas.

◗ To improve the power autonomy of the system: • by reduction of the power consumption of the sensors; • by introduction of smart algorithms into the sensors to reduce the power consumption; • by an optimized power supply management including a fine battery and solar cells management; • using low power consumption communications.

Large companies: INEO DEFENSE, SAGEM DEFENSE SECURITE SMEs: ACCUWATT, EVITECH, ORELIA, PRODOMO, REFLEX-CES Research institutes, universities: CEA, IEF, INRIA, TELECOM SUDPARIS

PROJECT DATA Coordinator: SAGEM DEFENSE SECURITE

◗ To improve the sensors, including acoustic detection and embedded video processing to detect intrusion.

◗ To make easier the deployment for the end user, by using simplified adhoc communications for sensors network.

◗ To include some intelligence/fusion capacity and be able to host some decentralised application software.

◗ To allow remote control and global fusion and optimisation (health management, abi lity to send qualified results to fusion and in the other side to integrate information from global situation awareness).

◗ To validate the concept of such a multifunction autonomous sensor and the technical issues in some use-cases with a real experimentation.

STATUS - MAIN PROJECT OUTCOMES The project has been restructured in November 2010 (introduction of a new partner: Accuwatt). User's requirement collection has been ended in February 2011. The global architecture has been finalized in September 2011. Detailed studies of the components of the demonstrator have started in January 2011. Most of them are now finished and first items are manufactured. IR micro-cameras and smartnodes are available. The integration starts in March 2012. The scenarios for the experimentation are now defined and must be refined for the field experimentation which is now scheduled during Autumn 2012.

Digital Trust & Security WG

122

PARTNERS

Call: FUI8 Start date: February 2010 Duration: 36 months Global budget (M2): 4.2 Funding (M2): 1.9

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page123

Comprehensive risk management, prevention ans resilience

Portable Inspection System using X-rays for Detection and identification of Explosives and chemical Risks for Security

The discovery of a suspect object in a public domain creates a crisis situation and results in implementing protocols to evaluate the threat and secure the area. The aim of the SPIDERS project is to validate the feasibility of a new enhanced portable inspection system based on complementary X rays techniques. PROJECT > 3 SCIENTIFIC ISSUES + DEMONSTRATOR

◗ 3D & bi energie imaging without mechanical displacement using multiple X ray

COMPLETED PROJECT

CONTACT Pascal PONARD THALES ELECTRON DEVICES +33 (0)4 50 26 83 77 [email protected]

beams based on carbon nanotube photo-cathodes.

◗ CdZnTe high resolution spectrometric linear detector working at ambient temperature. ◗ 3D diffraction imaging allowing spectral analysis for identifying illegal materials.

PARTNERS

PROGRESS BEYOND THE STATE OF THE ART ◗ First significant lifetime demonstration of a CNT cathode in a X ray diode during 3months in continuous operation.

Large companies: THALES ELECTRON DEVICES, THALES RESEARCH & TECHNOLOGIES SMEs: CYXPLUS, D-LIGHTSYS

◗ Developpment of a new spec-

Research institutes, universities: CEA - LETI, ECOLE POLYTECHNIQUE - LPICM, INSA - LYON-CNDRI

tral analysis method based on Energy Dispersive X-Ray Diffraction using a limited database of illegal substances.

◗ A dedicated 3D reconstruction algorithm, based on an iterative technique implemented within a multi-resolution approach has been developed.

PROJECT DATA

MAJOR PROJECT OUTCOMES

Coordinator: THALES ELECTRON DEVICES

◗ Publications:

Co-label: MINALOGIC

10th ECNDT, Moscow 2010, 07 – 11 juin 2010 “Feasibility study of X-ray diffraction for a portable inspection system” – Angela Peterzol, Philippe Duvauchelle, Valerie Kaftandjian and Pascal Ponard: [INSA Lyon, TED]; “Spatial super-resolution for line parallel imaging in energy dispersive X-ray diffraction” – Ferréol Soulez, Charles Crespy, Valerie Kaftandjian, Philippe Duvauchelle, Angela Peterzol, Pascal Ponard: [INSA Lyon, TED]; “Design and optimization of a tomosynthesis system using a multiple X-ray source based on carbon nanotubes” – Anne Frassati, Véronique Rebuffel, Vincent Moulin [CEA LETI, INSA].

◗ Patents: • Réf TPI 65213: Source de rayons X à photocathode à nanotubes de carbone -Extension PCT/EP2009/050809 le 23.01.2009. • Réf TPI 65981: Source de faisceau électronique collimaté à cathode froide -Extension PCT/EP2010/057734 le 2.06.2010. • Réf TPI 65213: Source de rayons X à photocathode à nanotubes de carbone (2008) Dépôt brevet France 08.00397 le 25.01.2008. • Réf TPI 65981: Source de faisceau électronique collimaté à cathode froide (2009) - Dépôt brevet France 09.02733 le 05.06.2009.

Call: ANR Start date: March 2008 Duration: 33 months Global budget (M2): 2.9 Funding (M2): 1.5

◗ Product(s) or Service(s): • Definition of the system architecture for the imaging in transmission and diffraction. • Optimization of 3D reconstruction method based on X ray multi-sources and compatible with the operational constraints. • Realization of X ray CNT diodes at 100 kV. • Sept. 2010: final evaluation of a demonstrator in Bourges ETBS / DGA with explosive materials hidden in objects.

◗ Business creation: A spin-off called MultiX SA has been created by Thales Electron Devices and will develop spectrometric detectors for Security market.

Digital Trust & Security WG

123

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page124

Comprehensive risk management, prevention ans resilience

TARANIS

Technologie pour l’Apprentissage des Risques majeurs par l’ANImation de Simulations

The ability to promptly and appropriately react to critical events during a crisis is a crucial skill for crisis managers (operationals, politics, industrials) confronted to complex environments, facing a diversity of actors, and in particular the media. Relying on upcoming behavioural simulation, cutting edge visualization and interaction interface and world leader GIS system, TARANIS aims to research and develop in collaboration with potential end-users and experts a crisis management solution providing: simple planning and crisis management tools, an easy way to build crisis complex scenarios, GIS-based visualization of the entire situation, value for money training and exercising with collaborative sessions potentially available from the web.

PROJECT RESULTS

CONTACT Jérome COMPTDAER MASAGROUP +33 (0)1 55 43 13 30 jerome.comptdaer@masagroup .net

PARTNERS

◗ Technologies: Researches on crisis management conducted during the project lead on both the enhancement of a unique decisionnal simulation and the creation of an innovative Timeline for crisis tasks, phone discussions and video recording management. • The simulation describes and implements new dynamic population behaviours in case of emergency, implements the procedures of security services while integrating 3rd part-simulation information (weather or CBRN clouds) making it possible to take into account information like the state of main transport, energy, communication, water networks as well as some major natural risk factors and technological risk factors; • the Timeline provides a very intuitive and accurate look-and-feel tool to display hundreds of tasks, assign organization staff roles and monitor the crisis cell. These tools smoothly interact together in order to provide a coherent and homogeneous platform to prepare, run, replay and analyse crisis management exercises.

◗ Publications: • “Se préparer à l’impensable: la simulation comportementale et la plate-forme d’entraînement à la gestion de crise TARANIS - Actes du Workshop Interdisciplinaire sur la Sécurité Globale” (WISG’07). • “TARANIS, de la préparation au débriefing, retour d’expérience sur un exercice de gestion de crise - Actes du Workshop Interdisciplinaire sur la Sécurité Globale (WISG’09)”.

◗ Experimentations: The TARANIS platform has been used in real conditions during a crisis management exercise organized by the CODAH (Le Havre agglomeration clusters) on December 2008 and March 2009. The exercises lasted one full day in instrumented rooms and targeted public security organizations, emergency operationals, politics and industry managers. The animation room was featured with two large screens displaying the timeline and the simulation, a call center and monitoring tools. At the end of the exercise, the user feedbacks concerning the platform use were: disturbing, structuring and improving. The final demonstration is planned on June 2009.

◗ Business creation: The TARANIS platform enables crisis management organization to prepare their exercises online and use them during training and exercising without any technical skills. Since the simulation embbeds a decisional AI technology and hence is highly autonomous, it requests very low manpower to handle it through a web-browser. The TARANIS platform may revolutionize crisis management training.

Digital Trust & Security WG

124

COMPLETED PROJECT

SMEs: ESRI FRANCE, MASAGROUP Research institutes, universities: UNIVERSITE PARIS SUD 11 (LRI)

PROJECT DATA Coordinator: MASAGROUP Call: ANR Start date: January 2007 Duration: 27 months Global budget (M2): 1 Funding (M2): 0.6

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page125

Trust and security in large transactional systems - Cybersecurity and fraud prevention

Technologies et investigations sécuritaires pour téléphones mobiles et appareils numériques mobiles

The main goal of the TISPHANIE project is to propose a cost/efficient and structured methodology, together with the related tools and evaluation process enabling the concerned users (MNOs, application developers, police laboratories, civil security operators) to assess rapidly the security of all major components embedded in personal devices (mobile handsets, PDAs, netbooks, PMR terminals) for critical or value-added applications.

COMPLETED PROJECT

CONTACT Jean-Pierre TUAL GEMALTO +33 (0)1 55 01 61 60 [email protected]

PROGRESS BEYOND THE STATE OF THE ART The TISPHANIE project has put in evidence new ways of attacking Mobile Platforms from the HW, SW or Cryptographic standpoints. It has developed new HW equipment enabling to assess the security of mobile devices as well as some efficient SW mechanisms proposing countermeasures against possible malicious SW injection in classical platforms such as Symbian, IoS or Android (some of them are classifed).

PARTNERS Large companies: CASSIDIAN, EADS-IW, GEMALTO, TRUSTED LABS, TRUSTED LOGIC Intermediate size enterprises: BERTIN TECHNOLOGIES

MAJOR PROJECT OUTCOMES ◗ Publications: • Mobile phone hypervisor testing for vulnerabilities discovery, Smart Mobility 2011, A. Gauthier, C. Mazin, J. Cartigny, J.-L. Lanet, Nice France, September 2011. • Enhancing fuzzing technique for OKL4 syscalls testing, SecSE 2011, A.Gauthier, C.Mazin, J.Cartigny, J.-L.Lanet, Vienna Austria, August 2011. • Testing micro-kernel syscalls to discover vulnerabilities, 3SL 2011, A.Gauthier, C.Mazin, J.Cartigny, J.-L. Lanet, Saint Malo France, May 2011. • “ElectroMagnetic Analysis (EMA) of software AES on Java mobile phones” by D. Aboulkassimi, L. Freund, J. Fournier, M. Agoyan, B. Robisson & A. Tria, in the proceedings of the IEEE International Workshop on Information Forensics and Security (WIFS’11), November 2011. • “Sécurité du Système ANDROID” de Nicolas RUFF lors de la conference STTIC 2011, Rennes Juin 2011.

SMEs: CRYPTOEXPERTS USERS: MINISTRY OF INNER AFFAIRS Research institutes, universities: CEA-LETI, ENSM SAINTETIENNE, UNIVERSITÉ DE LIMOGES, UNIVERSITÉ VERSAILLES SAINT-QUENTIN EN YVELINES

PROJECT DATA

◗ Product(s) or Service(s): At the end of the project, the following results are available: • several innovative equipment enabling to perform security assessment of Mobile HW platforms against e.g. side channel attacks such as power or electromagnetic analysis, fault injection by laser illumination or glitch injection. Some of them have been installed in the CIMPACA MicroPacks platform, a mutualized set of equipment hosted inside the buildings of the ENSM Saint Etienne in Gardanne, for the benefit of all interested industry, • a complete security analysis of main mobile SW platforms such as IoS, Android, Symbian and major associated frameworks (Java JEM2, OKL4 hupervisors), • an analysis of all efficient potential HW or SW countermeasures aimed at counter all major types of attacks against Mobile platforms, • an in-depth analysis of all major cryptoalgorithms used in Mobile Platforms (GSM/3G, Bluetooth, WiFi, Broadcast ptocols), • a set of Forensics tools aimed at reconstructing, upon legal or judiciary requests, the content of some mobile platforms critical parts (e.g. Flash memory), • a quick and extensive methodology aimed at guiding Mobile Operators and/or Service Providers for assessing the security of Mobile Platforms within a reasonable risk analysis.

◗ Job creation: 3 ◗ Maintained jobs: 10 ◗ Business creation:

Coordinator: GEMALTO Co-label: ELOPSYS Call: FUI7 Start date: September 2009 Duration: 27 months Global budget (M2): 7.5 Funding (M2): 2.7

Trusted Logic has developed in the project a new prototype of its Trusted Execution Environment and is currently proposing the productized version of it among the Mobile Chipset industry. Several major licensing agreements with world players have been concluded (confidential information) or are currently in discussion.

Related Systematic project(s): CRYPTOSMART, PFC, TSC

Digital Trust & Security WG

125

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page126

Critical Infrastructure protection

Traçabilité Opérationnelle Continue à Haute Autonomie

Tracking of vehicles, objects and people can prevent and protect against various risks and threats, as to protect citizens against organized crime and terrorism. Use of miniaturized beacons to locate their bearers in preventive or crisis frames - cooperative or not. Such beacons are a mean to collect information and develop intelligence to monitor criminal and terrorist organizations. They can also protect vulnerable people as well and precious or dangerous goods or assets.

COMPLETED PROJECT

CONTACT Alain SOULIER DEVERYWARE +33 (0)6 68 48 44 81 [email protected]

The TOCHA project shall prove feasibility of long-time, continuous tracking in multiple conditions, facing adverse physical constraints or counter-measures. Goal is to enable long-term, real-time tracking in open or covert environment, during one or several years, without limitations in installation or remote controllability of missions.

PROGRESS BEYOND THE STATE OF THE ART TOCHA demonstrated the feasibility for a real-time tracking beacon capable of high autonomy, and adapted to the constraints of security missions. Important innovations were made in the areas of maximum isotropic antennas and micro fuel cell. They were successfully tested. Many of the innovations arising from the project have already been integrated into Photospace and Deveryware productions, and are already available for security missions. Tocha beacon will be available in late 2011

SMEs: DEVERYWARE, PHOTOSPACE Research institutes, universities: CEA, IETR

PROJECT DATA Coordinator: DEVERYWARE

MAJOR PROJECT OUTCOMES

Call: ANR

◗ Publications: • IEEE Antennas and Wireless Propagation Letters, Vol.8, 2009. • "Quasi Unidirectional Radiation Pattern of Monopole Coupled Loop Antenna". • IEE Electronics letters, vol 45, n°23, "Frequency tunable Monopole Coupled Loop Antenna with broadside radiation pattern". • 15ièmes journées Nationales microondes (JNM 2007 - Toulouse).

◗ Patents:

Start date: February 2008 Duration: 34 months Global budget (M2): 1.9 Funding (M2): 1.1

R20070006787 20070927 "Antenne compacte et accordable pour terminal d'émission et/ou de réception"; EP 2008/062870; 2009/0047900A1.

Related Systematic project(s): LEA

◗ Product(s) or Service(s): • Product: new beacon (availability 2011 Q4) including multi-technology location techniques (A-GPS, GSM Cell-Id, radiogoniometry) with seamless switch to most appropriate technology, high autonomy (‹‹ 1 year), optimized isotropic antennas. • Services: Advanced secure web services for beacon control "on the fly", mission management functions (alert escalation, areas management,…).

◗ Job creation: 4 jobs at Deveryware and Photospace.

Digital Trust & Security WG

126

PARTNERS

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page127

Trusted Infrastructure for smart cities

Traceability, Acknowledgment, Identification and Management of Disasters Victims

TRIAGE is a research project aiming to an identity management solution for a large number of victims (any person, living or lifeless) during and after a disaster (natural, accidental or malevolent). The concept is mobile, communicating, flexible, efficient, ergonomic and secured, and is designed to meet expectations of first responders. TRIAGE will design a scalable infrastructure based on a mobile platform and a set of inter connected mobile devices which will provide to first responders powerful tools to carry their activity i.e. sorting of injuries and related level of urgency, identification and position.

ON GOING PROJECT

CONTACT Sébastien BRANGOULO MORPHO +33 (0)1 58 11 87 29 sebastien.brangoulo @morpho.com

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS PARTNERS TRIAGE scalable infrastructure is composed of a mobile platform and a set of inter connected mobile devices. Devices will provide to the first responders powerful tools to carry their activity (sorting of injuries and related level of urgency, identification and position). It will support contactless biometric data capture of the victims (fingerprints, face) on low cost sensors, allowing in the same time a speech transcription of the rescuer describing the victim medical state, including a translation capability for missions abroad, a geo-location capability and time-stamping. All those functionalities will be integrated in a simple and intuitive ergonomic design, and a step-by-step guidance for the using of the device. TRIAGE is very cautious to protect the confidentiality of data and give ethical attention to the respect of privacy. The collected data will be recorded in a temporary local database, gathered during the rescue operation and stored at the mobile platform level, solely maintained during the medical follow up of the victims and securely destroyed afterward. Crucial information on the victim will be stored on a RFID chip (face and fingerprint templates, medical file), carried by the victims.

Large companies: MORPHO, VECSYS SMEs: DHCOM Research institutes, universities: INSTITUT DE RECHERCHE CRIMINELLE DE LA GENDARMERIE NATIONALE, LABORATOIRE D'INFORMATIQUE DE L'UNIVERSITE DU MAINE, SAMU DE ZONE ILE DE FRANCE, UNIVERSITE LILLE 2 - CERAPS, UNIVERSITE DE NIMES - LPS, UNIVERSITE PARIS DESCARTES

PROJECT DATA Coordinator: MORPHO Call: ANR CSOSG

STATUS - MAIN PROJECT OUTCOMES

Start date: March 2013

◗ The management of large population to help first responders by using biometric de-

Duration: 36 months

vices

◗ Victim’s identity management in a safe and a privacy oriented way ◗ The mobility, to allow a fast moving of rescuers ◗ Secure information exchange in harsh environment by relying on RFID and existing secure and dedicated networks

Global budget (M2): 4.1 Funding (M2): 1.7

◗ A validated assistance taking into account the field realities of the end users and the social needs of the victims

Digital Trust & Security WG

127

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page128

Trust and security in large transactional systems - Cybersecurity and fraud prevention

EUROPEAN PROJECT

Trusted Secure Computing COMPLETED PROJECT

The goal of the TSC project was to provide the basic components enabling and enforcing security and trust in Information and Communication Technologies. More precisely, the project focused on the following aspects: ◗ develop the HW (and embedded SW) silicon devices enforcing secure and trusted computing, including: Trusted Processor Modules, Hardware Security Modules, Trusted Software Stacks, Secure Personal Tokens, ◗ develop suitable trust concepts and architecture elements for all application domains targeted by the project, including computing, mobile and consumer, ◗ coordinate all European contributions related to Trusted Computing standards, and especially in the scope of the Trusted Computing GroupTM (TCG) initiative. The TSC project is a Eureka/Medea+ project, also labelled by the Systematic and SCS Competitiveness clusters.

PROGRESS BEYOND THE STATE OF THE ART The TSC project has delivered new generations of trusted secure components, pushing forward existing architecture, bandwidth and performance limitations. It helped the creation of complete trusted platforms in all TSC target application domains, including new fields such as PMR, consumer electronics or wireless products. In addition, component scalability, mobility, multilevel security and infrastructure concepts were introduced enhancing the scope of applicability of the Trusted Computing group (TCG) standards. The project developed also new advanced methodology concepts such as Trust Metrics and made several contributions to the ISO and TCG organization, leading especially the international work on Authentication in the relevant working groups.

MAJOR PROJECT OUTCOMES ◗ Product(s) or Service(s): At the end of the project

◗ ◗ ◗

◗

the following components were available: • New 32bit TPM circuits with faster I/Os and providing 3 to 10 time increase in overall performance • New generation of Personal Secure Token and related management infrastructure, aimed at enforcing both the secure remote administration of fixed and mobile terminals and user-privacy • New high-performance crypto-engines (HSM) for servers, offering a ten-times improvement in cryptographic operations Patents: 6 patents submitted during the life of the project Publications: 3 presentations made at international conferences, 8 scientific papers were sumitted in international journals Experimentations: The TSC components were integrated by the partners in several demonstrators showing new capabilities in the global security area, such as e-banking or e-government from a TV SetTopBox, DRM transcodig, PMR terminals, File sharing in Wide Entertainment Networks, Anonymity Management in Mobile Networks, Virtualization and Multi-level security computing platforms. Business creation: The immediate exploitation of project results has started by all TSC partners, e.g.: • Gemalto is already exploiting the industrialized version of the Personal Secure Token and related infrastructure on a world-wide basis (IAM and Mobile Identity management) • Bull SAS is currently working with government agencies for the use of the HSM developed in the project in relation with the deployment of the next biometric passport generation • EADS and Bertin are exploiting the project secure boot and virtualization SW in their secure computing service offer. • STMicroelectronics is commercializing the TPM solutions developed in TSC towards all major PC manufacturers in Asia and US. • Orange Labs is starting integrating the Anonymous Access Control Services innovation of the project in their global NFC service infrastructure.

Digital Trust & Security WG

128

CONTACT Jean-Pierre TUAL GEMALTO +33 (0)1 55 01 61 60 [email protected]

PARTNERS Large companies: BULL, CELESTICA VALENCIANA, EADS, FRANCE TELECOM, GEMALTO, STMICROELECTRONICS, PHILIPS Intermediate size enterprises: BERTIN TECHNOLGIES SMEs: TB-SECURITY, TB-SOLUTIONS, TECHNIKON Research institutes, universities: CEA LETI, ENSM SAINTETIENNE, FUNDACION EUROPEAN SOFTWARE INSTITUTE, LIP6

PROJECT DATA Coordinator: GEMALTO Co-label: SCS Call: MEDEA+ Start date: October 2007 Duration: 27 months Global budget (M2): 16,6 in France, 32 globally Funding (M2): 5,2 in France Related Systematic project(s): PFC, TISPHANIE

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page129

Critical Infrastructure protection

VIDEO-IDentification COMPLETED PROJECT

VIDEO-ID is intended for the protection and for the security of complex and open spaces as a station, a place of interconnection of various ways of transportation, a shopping center, an airport hall, … Its principal objective is to follow and identify a person through cameras networks using its calculated visual signature (color, texture, face, iris, behavior). It aims to: ◗ Define the concepts of use of people identification by videosurveillance. ◗ Analyze the legal and societal aspects which will bring an improvement of the security while preserving the fundamental liberties of individuals. ◗ Define strong quality criteria which will allow to reduce the false alarms (reliable identifications in not cooperative situations and in real environment). ◗ Demonstrate the automatic workflow and performance of these operations in real conditions.

CONTACT Manuel CARBALLEDA THALES SECURITY SYSTEMS & SOLUTIONS +33 (0)1 73 32 26 51 manuel.carballeda @thalesgroup.com

PARTNERS

PROGRESS BEYOND THE STATE OF THE ART ◗ WP1 – People detection & tracking • People detection in a robust way in crowded scenes and tracking through a network of cameras using two levels: • At the first level, moving objects detection in 3D static scenes thanks to pre-calibrated cameras. • At the second level, applying local features such as Haar, HOG, colors and Covariance in the movements areas from the first level, especially when there’s occultations. ◗ WP2 – Face detection & tracking • SoftBiometrics (height, weigth, color…) to help the detection and tracking. ◗ WP3 – Iris Identification on video images • Non collaborative Iris acquisition and recognition, based on a previously Face detection and tracking. ◗ WP4 – Ethical and Legal aspects (link with KIVAOU project) • Comparative approach with China and the USA - even more (United Kingdom of course with different reports, Home Office, House of Lords). ◗ WP5 – Demonstration • Complete integrated system.

Large companies: THALES SECURITY SYSTEMS & SOLUTIONS Research institutes, universities: CREDOF-PARIS X, EURECOM, INRIA, TSP

PROJECT DATA Coordinator: THALES SECURITY SYSTEMS & SOLUTIONS Co-label: SCS Call: ANR Start date: February 2009 Duration: 36+6 months Global budget (M2): 1.9 Funding (M2): 0.9

MAJOR PROJECT OUTCOMES The deliverable D1, including the update D4 and scenarios D5, has been sent the 17/03/2009. The deliverable D2, public VIDEO-ID Web site, is online: http://www-sop.inria.fr/pulsar/ projects/videoid/ The deliverable D3 & D6 (annual reports) have been been delivered. VIDEO-ID poster and article presented at WISG09 27-28 January 2009 and WISG10 26-27 January 2010 and WISG11 25-26 January 2011. Equipment installation and acquisition of videos on the ENP Oissel-Rouen site in common with KIVAOU, SCARFACE, QuiAVU projects (early December 2009) - 23 Terabytes of non compressed videos (STSI/CTSI). Ethical and Legal aspects Workshop in common with KIVAOU project (November 10, 2009).

Related Systematic project(s): KIVAOU, MOBISIC, VIDEO-ID

Digital Trust & Security WG

129

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page130

Trust and security in large transactional systems - Cybersecurity and fraud prevention

Visualisation, Interpretation et Gestion des Interceptions Electroniques

The goal of the VIGIEs project is to provide French authorities a demonstrator to capture, to store and to analyze efficiently all intercepted information from fixed telephony, VoIP, mobile telephony, etc but also from the Internet network. The project takes then into account the new needs related both on Legal Interceptions and connection Data Retention. The overall treatment function will be supported by a common open software platform which allows to define a common definition of data structure, to share efficiently data and to integrate rapidly new treatment services. The demonstrator should facilitate the behavioural analysis of the targets by the authority and assist them with decision making processes which provide the most appropriate level of information, analysed, correlated and marked with a level of assurance.

PROGRESS BEYOND THE STATE OF THE ART The results have been obtained at several levels on both aspects theoretical but also practical. • Improvements in signal processing for speech to text translation have been made. • Recognition patterns of behavior have been developed. • Models of knowledge representation were implemented. • Innovative modes of storage have also been developed. • Developpement of prototypes.

COMPLETED PROJECT

CONTACT Arnaud ANSIAUX ALCATEL-LUCENT BELL LABS FRANCE +33 (0)1 30 77 26 21 arnaud.ansiaux @alcatel-lucent.com

PARTNERS Large companies: ALCATEL-LUCENT BELL LABS FRANCE, CEA LIST, ONERA, ORANGE R&D Intermediate size enterprises: VECSYS, VECSYS RESEARCH SMEs: CABINET ALAIN BENSOUSSAN, INTELLIGENCES, SICX Research institutes, universities: LIP6, TELECOM SUDPARIS

PROJECT DATA Coordinator: ALCATEL-LUCENT BELL LABS FRANCE Call: ANR Start date: January 2009

MAJOR PROJECT OUTCOMES

Duration: 30 months

◗ Publications: 3. • Visual Analysis of Implicit Social Networks for Suspicious Behavior Detection. • In Databases Systems For Advanced Applications (DASFAA). 2011 - Aide à l’Analyse

Visuelle de Réseaux Sociaux pour la Détection de Comportements Suspects. • In Conférence Internationale Francophone en Extraction et Gestion de Connais-

sances (EGC). Brest, 2010 - publication à ICDE 2011.

Digital Trust & Security WG

130

Global budget (M2): 3.7 Funding (M2): 1.9

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page131

Social and societal aspects, Social and Human Sciences

Verification of Indistinguishability Properties ON GOING PROJECT

The Internet is a large common space, accessible to everyone around the world. As any public space, people should take appropriate precautions to protect themselves against fraudulent people and processes. It is therefore essential to obtain as much confidence as possible in the correctness of the applications that we use to secure our data and our transactions. Because security protocols are notoriously difficult to design and analyse, formal verification techniques are extremely important. However, nearly all the studies do not allow one to analyse privacy-type properties that play an important role in many modern applications.

CONTACT Stéphanie DELAUNE LSV / CNRS +33 (0)1 47 40 75 63 [email protected] http://www.lsv.ens-cachan.fr/ Projects/anr-vip/

TECHNOLOGICAL OR SCIENTIFIC INNOVATIONS ◗ The novel part of this project is to for-

mally analyse modern applications in which privacy plays an important role. Many applications having an important societal impact are concerned by privacy, e.g. electronic voting, safety critical applications in vehicular ad hoc networks, routing protocols in mobile ad hoc networks, or RFID tags that are now embedded in many devices. Moreover, each application comes with its own specificities, e.g. e-voting protocols often rely on complex cryptographic primitives, some routing protocols rely on recursive tests, … In mobile ad hoc networks, taking into account mobility issues is also an important challenge. ◗ Formal verification of security protocols has known significant success during the two last decades. The techniques have become mature and several tools for protocol verification are nowadays available. However, nearly all studies focus on trace-based security properties, and thus do not allow one to analyse privacy-type properties that play an important role in many modern applications. Moreover, the envisioned applications have some specificities that prevent them to be modelled in an accurate way with existing verification tools.

STATUS - MAIN PROJECT OUTCOMES

PARTNERS Research institutes, universities: LSV / CNRS

PROJECT DATA Coordinator: LSV / CNRS Call: ANR Start date: January 2012 Duration: 48 months Global budget (M2): 0.9 Funding (M2): 0.2

The goal of this project is to design verification algorithms to analyse privacy-type security properties on several applications having an important societal impact. Some recent studies have revealed the existence of a flaw in the French implementation of the BAC protocol, which means that anyone carrying a French e-passport can be physically traced.

Digital Trust & Security WG

131

60-133 Security 2013_Mise en page 1 24/05/13 12:11 Page132

Critical Infrastructure protection

eXtended VISION COMPLETED PROJECT

The XVISION project aims at developping a new ultra-wide dynamic range camera. This camera provides a high quality image of a scene by keeping the contrast information independent of the scene physical contrast without any optical, electrical and mechanical adjustment. Thus the designed camera is ideal for a large variety of applications where the scene illumination is either difficult or highly contrasted such as automotive vision, surveillance… The second purpose of the project is to suggest new intelligent image processing algorithms fitted to the image provided by the camera and to validate its efficiency in several situations like public transportation and the sensitive sites protection.

CONTACT

PROGRESS BEYOND THE STATE OF THE ART

PARTNERS

The XVISION project offered the possibility to develop a true logarithmic sensor using an array of photodiodes operated in photovoltaic mode. Contrary to most logarithmic imager designs, the array of photodiodes is operated in photovoltaic mode and the opencircuit voltage across the p/n junction is proportional to the exact and pure logarithmic value of the incident light intensity. An analog camera which incoporates this sensor has been developped. Secondly, new intelligent image processing algorithms fitted to the image provided by the camera have been developped. Thus, the advantages and the ways of improvement have been highlighted.

Mathilde BERNARDIN HGH SYSTEMES INFRAROUGES +33 (0)1 69 35 47 70 [email protected]

Intermediate size enterprises: MARTEC SMEs: EVITECH, HGH SYSTEMES INFRAROUGES, NIT, SINOVIA Research institutes, universities: INRIA, TELECOM SUD PARIS

PROJECT DATA Coordinator: HGH SYSTEMES INFRAROUGES Call: FUI4 Start date: January 2008 Duration: 24 months

MAJOR PROJECT OUTCOMES

Global budget (M2): 1.9

◗ Product(s) or Service(s):

Funding (M2): 0.9

• Ten prototypes of Analog Cameras have been produced and tested in different applications: - Surveillance - Intrusion detection - Face recognition - obstacle detection. For each application, the camera integrating the new sensor has been compared with standard cameras. Besides, new algorithms have been developped in order to take into account: - noised light conditions (glare), highly dynamic scenes. The results of the differents tests have shown that the XVISION camera has the following advantages: - low noise - High image quality in backlight or through light halos. Thus, the automatic detection is made easier and face recognition is more efficient particularly when the scene illumination is highly contrasted. Finally, the cameras developed in the pro-ject could, after evolution and adaptations, become an innovative product, particularly well adapted for applications in the field of surveillance serving cities, sensitive sites, industrial sites and buildings, face recognition or obstacles detection by stereovision.

◗ Publications: 3. • Promotion of the XVISION camera during various exhibitions.

◗ Job creation: 2.

Digital Trust & Security WG

132