Maxime Puys

Maxime Puys
Cea Leti

Ph.D. in Computer Science Security

About

34
Publications
8,895
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
198
Citations
Introduction
Maxime Puys is a research engineer at the LETI Institute, CEA (Commissariat à l’énergie atomique et aux énergies alternatives). He received his Ph.D in 2018 from University of Grenoble Alpes. His thesis focused on the cybersecurity of industrial control systems against network attacks and risk analysis combining safety and security. He now designs security components and contributes to the development of new tools to analyze the security of Industrial IoT.
Additional affiliations
June 2018 - present
Cea Leti
Position
  • Engineer
October 2014 - present
University of Grenoble
Position
  • Ph.D Student in industrial cybersecurity
Description
  • While on working on the filtering policy of an industrial firewall withing the ARAMIS (http://aramis.minalogic.net) project, I try to inject formal methods into industrial cybersecurity.
September 2013 - July 2014
SAFRAN A.S. group
Position
  • Smart card security apprentice engineer
Education
September 2014 - March 2018
Université Grenoble Alpes
Field of study
  • Cybersecurity of Industrial Systems
September 2012 - July 2014
Université Grenoble Alpes
Field of study
  • Cybersecurity

Publications

Publications (34)
Conference Paper
Full-text available
Industrial systems are publicly the target of cyberattacks since Stuxnet [1]. Nowadays they are increasingly communicating over insecure media such as Internet. Due to their interaction with the real world, it is crucial to prove the security of their protocols. In this paper, we formally study the security of one of the most used industrial protoc...
Conference Paper
Full-text available
There exist several automatic verification tools of crypto- graphic protocols, but only few of them are able to check protocols in presence of algebraic properties. Most of these tools are dealing either with Exclusive-Or (xor) and exponentiation properties, so-called Diffie- Hellman (DH). In the last few years, the number of these tools increased...
Conference Paper
Full-text available
Faults injection attacks have become a hot topic in the domain of smartcards. This work exposes a source code-base simulation approach designed to evaluate the robustness of high-level secured implementations against single and multiple fault injections. In addition to an unprotected CRT-RSA implementation, we successfully attacked two countermeasu...
Conference Paper
Full-text available
Physical fault injections break security functionalities of algorithms by targeting their implementations. Software techniques strengthen such implementations to enhance their robustness against fault attacks. Exhaustively testing physical fault injections is time consuming and requires complex platforms. Simulation solutions are developed for this...
Conference Paper
Full-text available
In the domain of smart cards, secured devices must be protected against high level attack potential [1]. According to norms such as the Common Criteria [2], the vulnerability analysis must cover the current state-of-the-art in term of attacks. Nowadays, a very classical type of attack is fault injection, conducted by means of laser based techniques...
Conference Paper
Full-text available
We are seeing an increase in cybersecurity attacks on resource-constrained systems such as the Internet of Things (IoT) and Industrial IoT (I-IoT) devices. Recently, a new category of attacks has emerged called microarchitec-tural attacks. It targets hardware units of the system such as the processor or memory and is often complicated if not imposs...
Chapter
Attack generation from an abstract model of a protocol is not an easy task. We present BIFROST (Bifrost Implements Formally Reliable prOtocols for Security and Trust), a tool that takes an abstract model of a cryptographic protocol and outputs an implementation in C of the protocol and either a proof in ProVerif that the protocol is safe or an impl...
Conference Paper
Full-text available
Attack generation from an abstract model of a protocol is not an easy task. We present BIFROST (Bifrost Implements Formally Reliable prOtocols for Security and Trust), a tool that takes an abstract model of a cryptographic protocol and outputs an implementation in C of the protocol and either a proof in ProVerif that the protocol is safe or an impl...
Article
Full-text available
In recent years, the security of connected objects has become a real challenge. Indeed, more and more IoT devices are being built for increasingly critical applications and as shown by multiple famous bot-net attacks such as Mirai, IoT devices are often poorly protected. In this paper, we introduce a new solution called iMRC (integrated Monitoring...
Article
Full-text available
With the advances in the field of the Internet of Things (IoT) and Industrial IoT (IIoT), these devices are increasingly used in daily life or industry. To reduce costs related to the time required to develop these devices, security features are usually not considered. This situation creates a major security concern. Many solutions have been propos...
Conference Paper
Full-text available
Industrial control systems are targeted by cyberattacks since Stuxnet in 2010 and attacks have increased in the past years wtr. interconnection with IT systems. Due to their contact with the real world, industrial systems must be protected and engineers must be trained accordingly. In this paper, we present a scal-able physical process virtualizati...
Chapter
Full-text available
This paper presents the first recursive secure multiparty computation protocol for matrix multiplication, based on Strassen-Winograd algorithm. We focus on the setting in which any given player knows only one row of both input matrices and learns the corresponding row of the resulting product matrix. Neither the player initial data, nor the interme...
Article
Full-text available
Industrial systems are nowadays regularly the target of cyberattacks, the most famous being Stuxnet. At the same time such systems are increasingly interconnected with other systems and insecure media such as Internet. In contrast to other IT systems, industrial systems often do not only require classical properties like data confidentiality or aut...
Thesis
Full-text available
Les systèmes industriels, souvent appelés SCADA (pour Système d’acquisition et de contrôle de données) sont la cible d’attaques informatiques depuis Stuxnet en 2010. Dû à la criticité de leurs interactions avec le monde réel, ils peuvent représenter une menace pour l’environnement et les humains. Comme ces systèmes ont par le passé été physiquement...
Conference Paper
Full-text available
The security of industrial supervisory control and data acquisition systems (SCADA) has become a major concern since the Stuxnet worm in 2010. As these systems are connected to the physical world, this makes them possibly hazardous if a malicious attacker is able to take over their control. SCADA can live up to 40 years, are particularly hard to pa...
Conference Paper
Full-text available
Industrial systems are publicly the target of cyberattacks since Stuxnet. Nowadays they are increasingly communicating over insecure media such as Internet. Due to their interaction with the real world, it is crucial to ensure their security. In this paper, we propose a domain specific stateful filtering that keeps track of the value of predetermin...
Conference Paper
Full-text available
In the context of security, risk analyzes are widely recognized as essential. However, such analyzes need to be replayed frequently to take into account new vulnerabilities, new protections, etc.. As exploits can now easily be found on internet, allowing a wide range of possible intruders with various capacities, motivations and resources. In parti...
Article
Full-text available
This paper deals with distributed matrix multiplication. Each player owns only one row of both matrices and wishes to learn about one distinct row of the product matrix, without revealing its input to the other players. We first improve on a weighted average protocol, in order to securely compute a dot-product with a quadratic volume of communicati...
Conference Paper
Full-text available
Industrial systems are publicly the target of cyberattacks since Stuxnet. Nowadays they are increasingly communicating over insecure media such as In-ternet. Due to their interaction with the real world, it is crucial to ensure their security. In this paper, we propose a domain specific stateful filtering that keeps track of the value of predetermi...
Conference Paper
Full-text available
This paper deals with distributed matrix multiplication. Each player owns only one row of both matrices and wishes to learn about one distinct row of the product matrix, without revealing its input to the other players. We first improve on a weighted average protocol, in order to securely compute a dot-product with a quadratic volume of communicati...
Conference Paper
Full-text available
Les systèmes industriels (SCADA) sont la cible d'attaques informa-tiques depuis Stuxnet [4] en 2010. De part leur interaction avec le mode physique, leur protection est devenue une priorité pour les agences gouvernementales. Dans cet article, nous proposons une approche de modélisation d'attaquants dans un système industriel incluant la production...
Conference Paper
Full-text available
De plus en plus d'attaques informatiques contre les systèmes indus-triels sont présentées par les médias. Ces systèmes tendent à devenir géo-graphiquement distribués et à communiquer via des réseaux vulnérables tels qu'Internet. Régissant de nos jours des domaines tels que la production et la distribution d'énergie, l'assainissement des eaux ou le...

Questions

Questions (3)
Question
Hello,
Does anybody have some references on a taxonomy (descriptive list) of computer science attackers (e.g.: mafia, states, terrorists, hacktivists, script kiddies, etc).
I am mostly finding taxonomy on attacks but rarely on attackers.
Thanks in advance,
Maxime
Question
Dears,
I am curious if in practice non-repudiation is an important property in SCADA networks.
For example is it a need in case of a system failure to be able to find which employee did a wrong action (thus a message that goes from the SCADA to the PLC)?
I am also interested in the other direction where an employee canot deny he obtained an information from a PLC (thus a message that goes from the PLC to the SCADA).
Is such mechanisms really used in practice and if yes by which mean (it seems to me that industrial protocols such as MODBUS or DNP3 do not allow non-repudiation)?
Thanks in advance,
Maxime
Question
Dears,
I am interested in filtering SCADA communications to guarantee safety properties.
Thus I would like to find attacks against SCADA that have happened in the past and that have involved the attacker modifying the contents of communications exchanged between SCADA and PLCs.
However, most of attacks I can find require the attacker uploading a malware that will reprogram the PLCs (e.g.: Stuxnet).
In the kind of attacks I am interested, lets say that the SCADA sends a request to change the temperature of a furnace to 500 degrees, the attacker intercepts the message (in a man-in-the-middle) and modifies it to 5000 degrees.
I heard for example about the Maroochy Shire case in which the attacker was introducing new crafted packets to violate the property.
This example also interests me and I would be curious about the technical details of the attack (e.g.: the communication protocol used, if opening the sewage system was an action the employee was allowed to do in a different context or if he had to break into the network, etc.).
Thanks in advance,
Maxime

Network

Cited By