[Focus on] LSOSP Lab - Laboratoire de Sécurité des Objets et Systèmes Physiques

By Olivier Savry (CEA-LETI/LSOSP)
The LSOSP (Laboratoire de Sécurité des Objets et Systèmes Physiques) and its 30 permanent staff are one of the two pillars of security within the CEA LETI.
Its mission is to perform research and innovate in the field of security of connected objects for the IoT and the components of the CPS (Cyber Physical systems). Its positioning makes it a strong support to industrial partners in the context of bilateral but also multi-partner projects for example in the framework of the IRT Nanoelec. It also has an important resourcing activity with 7 PhD students and European projects such as Activage, Clear5G. These partnerships and the laboratory's history have given it very specific business expertise around wireless communications (IoT and 5G objects), automotive, support for the silver economy with health and home support, but also buildings and housing. The LSOSP has also developed internationally recognized expertise in biometrics. The laboratory continues to grow along three priority technical axes: methods & tools for cybersecurity testing of IoT devices, security enhancement of IoT devices and security & privacy enhancement of objects’ interconnection & their data.

Methods & tools for cybersecurity testing of IoT devices

Knowing product device’s vulnerabilities is essential if it is to be efficiently protected. The laboratory has developed dedicated scanning and fuzzing tools to test different types of communication interfaces pertaining to IoT devices: ethernet, wifi, zigbee, bluetooth, nfc.. The LSOSP also operates state-of-the-art side-channel and fault injection testbenchs that allow us caracterisation of the physical security of objects, components and specific IPs.

Security enhancement of IoT devices

Once threats and vulnerabilities have been assessed, we are able to develop fully secure solutions by being able to address all scales of a Cyber Physical System (CPS): from components to architecture. For example, we have experience in securing vehicles against theft and SCADA-type networks. We have implemented a trust anchor allowing strong authentication on those often old and obsolete networks. The laboratory’s activities also encompass the development of secure hardware IPs for cryptography (symmetric and asymmetric encryption (ECC), homomorphic encryption, RNG, PUF, etc.) that have countermeasures against known attacks. We also have actions in the security of processors and their microarchitecture with the challenge of implementing intrinsically secure processors that would no longer require the developer to worry about vulnerabilities in their code. These SOCs allow fully encrypted programs (data and code) to be executed with intrinsic integrity of the control flow and authenticity of instructions at runtime.

Security & privacy enhancement of objects’ interconnection & their data

Within the framework of the applications and uses we address, we have recurring needs in secure protocols to communicate together very constrained lightweight objects (constrained especially in terms of energy) that are found in the IoT. We therefore adapt these protocols to ensure the most intuitive use of products throughout their life cycle and taking into account end-users’ privacy.

Published on June 29, 2020