Sommaire

  • Cet exposé a été présenté le 13 décembre 2024 (11:00 - 12:00).

Description

  • Orateur

    Maxime Puys - Université Clermont Auvergne - IUT de Clermont-Ferrand

Industrial Control Systems (ICS) are designed to provide a service, such as power generation or water treatment, while protecting people, assets, and the environment against hazards. However, ICS now integrate Information Technology (IT) and are interconnected with the outside world such as the Internet, thereby exposing their infrastructures to cyberattacks. Cyberattacks have thus become new threats to industrial system operations and, more specifically, to their safety. To address the issue, this work presents a comprehensive cybersecurity risk assessment for the safety of ICS. This method takes into account the applicative logic of programmable logic controllers (PLC) and proposes attack models that allow for the identification of attacks specifically breaking safety properties.

Infos pratiques

Prochains exposés

  • What you never wanted to know about vulnerability databases

    • 21 novembre 2025 (10:00 - 11:00)

    • Inria Center of the University of Rennes - Room Métivier

    Orateur : Henrik Plate - Endor Labs

    Vulnerability databases play a crucial role in modern software security, serving as the backbone for Application Security (AppSec) and Software Composition Analysis (SCA) tools. However, the accuracy and reliability of these databases vary significantly, often leading to misinformed security decisions. This talk explores the challenges associated with vulnerability databases, including incomplete[…]

    • Risk Assessment

    • SoSysec

    • Vulnerability management

  • CHERIoT RTOS: An OS for Fine-Grained Memory-Safe Compartments on Low-Cost Embedded Devices

    • 21 novembre 2025 (11:00 - 12:00)

    • Inria Center of the University of Rennes - Room Métivier

    Orateur : Hugo Lefeuvre - The University of British Columbia

    Embedded systems do not benefit from strong memory protection, because they are designed to minimize cost. At the same time, there is increasing pressure to connect embedded devices to the internet, where their vulnerable nature makes them routinely subject to compromise. This fundamental tension leads to the current status-quo where exploitable devices put individuals and critical infrastructure[…]

    • SoSysec

    • Compartmentalization

    • Operating system and virtualization

    • Hardware/software co-design

    • Hardware architecture

Voir les exposés passés
Haut de page