
Maxime Puys, CEA Leti
Ph.D. in Computer Science Security
About
34 publications, 8,895 reads, 198 citations
Introduction
Maxime Puys is a research engineer at the LETI Institute, CEA (Commissariat à l’énergie atomique et aux énergies alternatives). He received his Ph.D in 2018 from University of Grenoble Alpes. His thesis focused on the cybersecurity of industrial control systems against network attacks and risk analysis combining safety and security. He now designs security components and contributes to the development of new tools to analyze the security of Industrial IoT.
Additional affiliations
June 2018 - present
September 2013 - July 2014
Education
September 2014 - March 2018
September 2012 - July 2014
Publications (34)
Industrial systems are publicly the target of cyberattacks since Stuxnet [1]. Nowadays they are increasingly communicating over insecure media such as Internet. Due to their interaction with the real world, it is crucial to prove the security of their protocols. In this paper, we formally study the security of one of the most used industrial protoc...
There exist several automatic verification tools of cryptographic protocols, but only few of them are able to check protocols in presence of algebraic properties. Most of these tools are dealing either with Exclusive-Or (xor) and exponentiation properties, so-called Diffie-Hellman (DH). In the last few years, the number of these tools increased...
Fault injection attacks have become a hot topic in the domain of smartcards. This work exposes a source code-base simulation approach designed to evaluate the robustness of high-level secured implementations against single and multiple fault injections. In addition to an unprotected CRT-RSA implementation, we successfully attacked two countermeasu...
Physical fault injections break security functionalities of algorithms by targeting their implementations. Software techniques strengthen such implementations to enhance their robustness against fault attacks. Exhaustively testing physical fault injections is time consuming and requires complex platforms. Simulation solutions are developed for this...
In the domain of smart cards, secured devices must be protected against high level attack potential [1]. According to norms such as the Common Criteria [2], the vulnerability analysis must cover the current state-of-the-art in terms of attacks. Nowadays, a very classical type of attack is fault injection, conducted by means of laser based techniques...
We are seeing an increase in cybersecurity attacks on resource-constrained systems such as the Internet of Things (IoT) and Industrial IoT (I-IoT) devices. Recently, a new category of attacks has emerged called microarchitectural attacks. It targets hardware units of the system such as the processor or memory and is often complicated if not imposs...
Attack generation from an abstract model of a protocol is not an easy task. We present BIFROST (Bifrost Implements Formally Reliable prOtocols for Security and Trust), a tool that takes an abstract model of a cryptographic protocol and outputs an implementation in C of the protocol and either a proof in ProVerif that the protocol is safe or an impl...
In recent years, the security of connected objects has become a real challenge. Indeed, more and more IoT devices are being built for increasingly critical applications and as shown by multiple famous bot-net attacks such as Mirai, IoT devices are often poorly protected. In this paper, we introduce a new solution called iMRC (integrated Monitoring...
With the advances in the field of the Internet of Things (IoT) and Industrial IoT (IIoT), these devices are increasingly used in daily life or industry. To reduce costs related to the time required to develop these devices, security features are usually not considered. This situation creates a major security concern. Many solutions have been propos...
Industrial control systems are targeted by cyberattacks since Stuxnet in 2010 and attacks have increased in the past years w.r.t. interconnection with IT systems. Due to their contact with the real world, industrial systems must be protected and engineers must be trained accordingly. In this paper, we present a scalable physical process virtualizati...
This paper presents the first recursive secure multiparty computation protocol for matrix multiplication, based on Strassen-Winograd algorithm. We focus on the setting in which any given player knows only one row of both input matrices and learns the corresponding row of the resulting product matrix. Neither the player initial data, nor the interme...
Industrial systems are nowadays regularly the target of cyberattacks, the most famous being Stuxnet. At the same time such systems are increasingly interconnected with other systems and insecure media such as Internet. In contrast to other IT systems, industrial systems often do not only require classical properties like data confidentiality or aut...
Industrial systems, often called SCADA (for Supervisory Control And Data Acquisition), have been the target of cyberattacks since Stuxnet in 2010. Because of the criticality of their interactions with the real world, they can pose a threat to the environment and to humans. As these systems were in the past physically...
The security of industrial supervisory control and data acquisition systems (SCADA) has become a major concern since the Stuxnet worm in 2010. As these systems are connected to the physical world, this makes them possibly hazardous if a malicious attacker is able to take over their control. SCADA can live up to 40 years, are particularly hard to pa...
Industrial systems are publicly the target of cyberattacks since Stuxnet. Nowadays they are increasingly communicating over insecure media such as Internet. Due to their interaction with the real world, it is crucial to ensure their security. In this paper, we propose a domain specific stateful filtering that keeps track of the value of predetermin...
In the context of security, risk analyses are widely recognized as essential. However, such analyses need to be replayed frequently to take into account new vulnerabilities, new protections, etc. As exploits can now easily be found on internet, allowing a wide range of possible intruders with various capacities, motivations and resources. In parti...
This paper deals with distributed matrix multiplication. Each player owns only one row of both matrices and wishes to learn about one distinct row of the product matrix, without revealing its input to the other players. We first improve on a weighted average protocol, in order to securely compute a dot-product with a quadratic volume of communicati...
Industrial systems are publicly the target of cyberattacks since Stuxnet. Nowadays they are increasingly communicating over insecure media such as Internet. Due to their interaction with the real world, it is crucial to ensure their security. In this paper, we propose a domain specific stateful filtering that keeps track of the value of predetermi...
Industrial systems (SCADA) have been the target of cyberattacks since Stuxnet [4] in 2010. Because of their interaction with the physical world, protecting them has become a priority for government agencies. In this article, we propose an approach for modeling attackers in an industrial system, including the production...
More and more cyberattacks against industrial systems are reported by the media. These systems tend to become geographically distributed and to communicate over vulnerable networks such as the Internet. Nowadays governing domains such as energy production and distribution, water treatment, or the...
Questions (3)
Hello,
Does anybody have some references on a taxonomy (descriptive list) of computer science attackers (e.g.: mafia, states, terrorists, hacktivists, script kiddies, etc.)?
I am mostly finding taxonomy on attacks but rarely on attackers.
Thanks in advance,
Maxime
Dears,
I am curious if in practice non-repudiation is an important property in SCADA networks.
For example is it a need in case of a system failure to be able to find which employee did a wrong action (thus a message that goes from the SCADA to the PLC)?
I am also interested in the other direction, where an employee cannot deny he obtained information from a PLC (thus a message that goes from the PLC to the SCADA).
Are such mechanisms really used in practice and, if yes, by which means (it seems to me that industrial protocols such as MODBUS or DNP3 do not allow non-repudiation)?
Thanks in advance,
Maxime
Dears,
I am interested in filtering SCADA communications to guarantee safety properties.
Thus I would like to find attacks against SCADA that have happened in the past and that have involved the attacker modifying the contents of communications exchanged between SCADA and PLCs.
However, most of attacks I can find require the attacker uploading a malware that will reprogram the PLCs (e.g.: Stuxnet).
In the kind of attacks I am interested in, let's say that the SCADA sends a request to change the temperature of a furnace to 500 degrees, the attacker intercepts the message (in a man-in-the-middle) and modifies it to 5000 degrees.
I heard for example about the Maroochy Shire case in which the attacker was introducing new crafted packets to violate the property.
This example also interests me and I would be curious about the technical details of the attack (e.g.: the communication protocol used, if opening the sewage system was an action the employee was allowed to do in a different context or if he had to break into the network, etc.).
Thanks in advance,
Maxime