Network security seminar of 28/02 at TPT

SAMOVAR network security seminar

When: Wednesday 28 February 2018, from 14:30
Where: Amphithéâtre Rubis, at Télécom ParisTech

14:30-15:00: Davide Ferraris (PhD student at the University of Malaga, Spain)

Title – A Trust-by-Design Framework for the Internet of Things

Abstract – The Internet of Things (IoT) is an environment of interconnected entities that are identifiable, usable and controllable via the Internet. Trust is necessary in a system such as IoT as the entities involved should know the effect of interacting with other entities. Moreover, the entities must also be able to trust a system to reliably use it. An IoT system is composed of different entities from different vendors, each of them with a different purpose and a different lifecycle. So considering trust in the whole IoT system lifecycle is useful and necessary to guarantee a good service for the whole system. The heterogeneity and dynamicity of this field make it difficult to ensure trust in IoT. We propose a trust by design framework for including trust in the development of an IoT entity considering all the phases of the life-cycle. It is composed of the K-Model and transversal activities.

15:00-15:30: Juan Rubio (PhD student at the University of Malaga, Spain)

Title – Addressing Security in OCPP: Protection Against Man-in-the-Middle Attacks

Abstract – The Open Charge Point Protocol (OCPP) is a communication standard for the exchange of data between a Charge Point (CP) and the Central Server (CS) in the electric vehicle domain. This protocol is envisioned to offer interoperability between the different manufacturers of charging points, network systems and IT back-end vendors. However, the current version of the specification is quite vague in terms of handling security and privacy, which results in a set of non-addressed threats, which we look at in this paper. Specifically, this paper focuses on Man-in-the-Middle attacks between the CP and the CS that may expose sensitive data of special interest to the various stakeholders involved in this context. As a counter-measure, we present a feasible solution and assess its behaviour in a simulator. The inclusion of additional security mechanisms is also studied, in compliance with the IEC 62351 standard.

15:30-16:00: José Rubio Hernan (postdoctoral researcher at Télécom SudParis)

Title – Physical Architecture Assisted by Programmable Networking

Abstract – We study the application of control theory and programmable networking to improve the resilience of cyber-physical systems. We address security issues and propose solutions to detect and mitigate malicious actions. We propose models inspired by the control-theoretic community, but complemented by command and control SCADA protocols capable of conducting both misuse and anomaly detection. Different strategies are proposed depending on the specific properties of the malicious traffic. The proposal is validated using a SCADA training testbed specifically designed to experiment with industrial control system scenarios.

16:00-16:30: Mohamed Tahar Hammi (PhD student at Télécom ParisTech)

Title – Securing the Internet of Things

Abstract – The IoT is a technology that enables the interconnection of smart physical and virtual objects and provides advanced services. Objects or things are generally constrained devices which are limited by their energy, computing and storage capacity. A Wireless Sensor Network (WSN) is a network composed of devices managed by a CPAN (Personal Area Network Coordinator). The network is used in order to gather and process data of a given environment. It is characterized by its low bit rate and low power consumption, and it uses small packets in its transmissions. In order to protect the WSN, a mutual authentication between devices is required during the association of a new device. The exchanged data should be authenticated and encrypted. In this work we propose a robust, lightweight and energy-efficient security protocol for the WSN systems. The real tests we made and a performance evaluation of our security protocol are provided.