Portail HAL de Télécom Paris
RV-Sec5: Enhancing RISC-V Security Evaluation via Targeted ISA-Level Instrumentation using gem5
International audience
The modularity of the RISC-V Instruction Set Architecture (ISA) has accelerated its adoption in security-critical domains, yet it introduces significant challenges for pre-silicon security validation. Current evaluation methods often rely on high-level emulation that overlooks microarchitectural side effects or post-silicon testing that identifies vulnerabilities too late in the design cycle. This paper presents RV-Sec5, a systematic framework for ISA-level security evaluation that leverages the gem5 simulator. Unlike standard simulators, RV-Sec5 introduces a methodology to map high-level security invariants, such as privilege isolation and memory protection, directly to automated, cycle-accurate instrumentation points within the ISA decoder. This approach bridges the semantic gap between abstract security policies and low-level hardware execution. We demonstrate the framework's efficacy through a case study involving unauthorized Control and Status Register (CSR) modifications, showing how RV-Sec5 detects privilege escalation attempts and monitors microarchitectural anomalies, such as TLB flushes and cache state changes, in real time.
Arena: a kubernetes-based testbed for evaluating application deployment across the computing continuum
International audience
This paper introduces Arena, a Kubernetes-based testbed for evaluating application deployment across computing continuum environments (IoT/Edge/Cloud). Arena enables the emulation of diverse computing nodes using Docker containers and leverages Kubernetes for testbed management. Arena integrates the Chaos Mesh framework to simulate network characteristics and Prometheus with Grafana tools for monitoring and visualization purposes. Experiments on the Grid'5000 platform with a Google microservice application demonstrate that Arena's container-based emulation achieves similar resource usage patterns to virtual machine-based nodes, and its network chaos injection effectively enforces network constraints. Results highlight Arena's capability to provide a practical and reproducible environment for testing containerized applications across diverse computing continuum nodes.
DRAGON: Robust Classification for Very Large Collections of Software Repositories
The ability to automatically classify source code repositories with "topics" that reflect their content and purpose is very useful, especially when navigating or searching through large software collections. However, existing approaches often rely heavily on README files and other metadata, which are frequently missing, limiting their applicability in real-world large-scale settings. We present DRAGON, a repository classifier designed for very large and diverse software collections. It operates entirely on lightweight signals commonly stored in version control systems: file and directory names, and optionally the README when available. In repository classification at scale, DRAGON improves F1@5 from 54.8% to 60.8%, surpassing the state of the art. DRAGON remains effective even when README files are absent, with performance degrading by only 6% w.r.t. when they are present. This robustness makes it practical for real-world settings where documentation is sparse or inconsistent. Furthermore, many of the remaining classification errors are near misses, where predicted labels are semantically close to the correct topics. This property increases the practical value of the predictions in real-world software collections, where suggesting a few related topics can still guide search and discovery. As a byproduct of developing DRAGON, we also release the largest open dataset to date for repository classification, consisting of 825 thousand repositories with associated ground-truth topics, sourced from the Software Heritage archive, providing a foundation for future large-scale and language-agnostic research on software repository understanding
Non-iid hypothesis testing: from classical to quantum
We study hypothesis testing (aka state certification) in the non-identically distributed setting. A recent work (Garg et al. 2023) considered the classical case, in which one is given (independent) samples from unknown probability distributions on , and one wishes to accept/reject the hypothesis that their average equals a known hypothesis distribution . Garg et al. showed that if one has just samples from each , and provided , one can (whp) distinguish from d_{\mathrm{TV}}(p_{\mathrm{avg}},q) > ε. This nearly matches the optimal result for the classical iid setting (namely, ). Besides optimally improving this result (and generalizing to tolerant testing with more stringent distance measures), we study the analogous problem of hypothesis testing for non-identical quantum states. Here we uncover an unexpected phenomenon: for any -dimensional hypothesis state , and given just a single copy () of each state , one can distinguish from D_{\mathrm{tr}}(ρ_{\mathrm{avg}},σ) > ε provided . (Again, we generalize to tolerant testing with more stringent distance measures.) This matches the optimal result for the iid case, which is surprising because doing this with is provably impossible in the classical case. We also show that the analogous phenomenon happens for the non-iid extension of identity testing between unknown states. A technical tool we introduce may be of independent interest: an Efron-Stein inequality, and more generally an Efron-Stein decomposition, in the quantum setting
Ethics in the Metaverse: responsible innovation as a pathway for policy and industry
International audience
A responsible Metaverse requires governance frameworks grounded in responsible innovation. Drawing on an interdisciplinary literature review, this paper examines the ethical challenges and governance dilemmas surrounding its development. It identifies three priorities for ethical intervention: (i) scrutinizing Metaverse narratives to assess their real contribution to digital transformation; (ii) addressing ethical risks, boundaries, and uncertainties through a precautionary yet innovation-supportive approach; and (iii) establishing guidelines to steer its evolution toward democratic and socially beneficial outcomes. To operationalize these principles, the paper proposes a framework of six policy and industry actions that align Metaverse governance with ethical, societal, and human-centered values. This framework presents responsible innovation as central to sustainable digital transformation and aligns with recent reviews of immersive and intelligent virtual environments highlighting technological and psychological concerns. Without robust safeguards, the Metaverse risks becoming a Trojan horse that disrupts digital ecosystems without regard for societal well-being.
Microarchitectural Espionage: FPGA-Based Security Analysis of Branch Prediction in RISC-V Out-of-Order Cores
International audience
Modern processor microarchitectural optimizations, while enhancing performance, inadvertently introduce side channels that can leak sensitive information through timing variations. This paper presents an FPGA-based security testbed for studying branch predictor side-channel vulnerabilities in open-source RISC-V out-of-order cores. We demonstrate a configurable platform built on the Berkeley Out-of-Order Machine (BOOM) core, adapted for resource-constrained FPGA deployment with customizable branch predictor configurations. Through baremetal execution and cycle-accurate timing measurements, we implement and evaluate three classes of timing attacks: Conditional Branch Prediction Attacks (CBPA), Indirect Branch Prediction Attacks (IBPA), and a practical smart-lock application attack. Our results show that simplified one-level predictors exhibit deterministic timing separations of 9 to 17 cycles, enabling perfect secret recovery with 100% accuracy for 16-bit secrets within 500 measurement rounds. We further demonstrate practical attack scenarios, including the extraction of a randomly-generated 4-digit smart-lock code, and evaluate the impact of branch predictor complexity on attack feasibility. This work provides an open-source framework for reproducible microarchitectural security research on RISC-V platforms, enabling evaluation of both attacks and countermeasures.
A Survey on Verifying Reasoning Chains Generated by Large Language Models
Large Language Models (LLMs) are currently being extensively employed for many Natural Language Processing tasks such as question answering, natural language inference, document summarization, etc. Chain-of-Thought (CoT) prompting guides LLMs with the reasoning steps, compelling them to generate reasoning chains. While some of the reasoning chains may follow a correct thought process, they can also suffer from hallucinations, leading to errors in answer generation. Recently, many articles have targeted the problem of verifying these reasoning chains from various aspects. Despite this recent attention, to the best of our knowledge, no comprehensive survey currently summarizes these studies on CoT verification. This work addresses that gap by presenting a detailed overview of the methods for verifying reasoning chains and categorizing them according to their methodology. This paper introduces a novel taxonomy of classification of the methods introduced so far and mainly divides them into approaches that assess entire chains versus those that examine individual steps. This paper also reviews benchmarks for evaluating CoT reasoning and verification methods and further discusses the challenges and future directions associated with these methods. By compiling and analyzing these approaches, our survey aims to advance the understanding and development of robust reasoning techniques in LLMs.
Ce n'est pas de la spéculation, c'est la réalité : Réflexion sur des ateliers de design spéculatif dans le cadre de la recherche en design et en HCI
In this paper, we reflect on the qualities of our methods across three speculative design workshops that we designed, ran, and analyzed as part of distinct Human-Computer Interaction research projects. These workshops were conducted over the past four years and each yielded a research publication on a different topic: visualization, virtual reality, and extended reality. Each workshop employed a different speculative framing that we define in the paper: functional, critical, and exploratory. We summarize the motivations, the process of applying speculative methods, and the outcomes of the speculation. Finally, we reflect on five qualities for speculative design research: speculative plausibility, grounding of speculation, common framing of speculation, synthesis within a framework, and the quality of reflection.
Scalable Information Theoretic Evaluation of the Rank Statistics in Side-Channel Attacks
International audience
Evaluating the security of a device against side-channel attacks is a difficult task. One prominent strategy for this purpose is to characterize the distribution of the rank of the correct key among the different key hypotheses produced by a maximum likelihood attack, depending on the number of measured traces. In practice, evaluators can estimate some statistics of the rank that are used as security indicators—e.g., the arithmetic and geometric mean rank, the median rank, the α-marginal guesswork, or the success rate of level L. Yet, a direct estimation becomes time-consuming as security levels increase. In this work, we provide new bounds on these figures of merit in terms of the mutual information between the secret and its side-channel leakages. These bounds provide theoretical insights on the evolution of the figures of merit in terms of noise level, computational complexity (how many keys are evaluated) and data complexity (how many side-channel traces are used for the attack). To the best of our knowledge, these bounds are the first to formally characterize security guarantees that depend on the computational power of the adversary, based on a measure of their informational leakages. It follows that our results enable fast shortcut formulas for the certification laboratories, potentially enabling them to speed up the security evaluation process. We demonstrate the tightness of our bounds on both synthetic traces (in a controlled environment) and real-world traces from two popular datasets (Aisylab/AES_HD and SMAesH).
On A Class Of Dynamical Poisson-Voronoi Tessellations
Consider a dynamical network model featuring mobile stations on the Euclidean plane. The initial locations of the stations are given by a homogeneous Poisson point process. The stations are all moving at a constant speed and in a random direction. Consider fixed users located in the Euclidean plane, which are served by the mobile stations. Each user stays connected to the nearest station at any given point of time. Since the stations are moving, a user disconnects and connects with different stations over time, by always selecting whichever station is the closest. This gives rise to a dynamical version of the Poisson-Voronoi tessellation. The focus of this paper is on the sequence of "handover" events of a typical user, which are the epochs when its association changes. This defines a point process on the time-axis, the "handover point process". We show that this point process is stationary and we determine its main properties, in particular its intensity and the joint distribution of its inter-event times. We also analyze the handover Palm distributions of several variables of practical interest. This includes the distance to the closest mobile stations and the point process of all other mobile stations at handover epochs. The analysis is conducted both in the single-speed and in the multi-speed scenarios. It leads to the identification of the three-dimensional state variables that "Markovize" the association dynamics. The analysis is based on a specific system of non-compact particles. The motivations are in the modeling of low or medium orbit satellite wireless communication networks. The model studied here is a planar "caricature" of this problem, which is initially defined on the sphere.