Publications & Demonstrators

All accepted publications from SPARTA partners under its funding as well as videos presenting some of the work done under SPARTA


Experimental analysis of the laser-induced instruction skip fault model

Jean-Max Dutertre, Timothe ́ Riom, Olivier Potin, and Jean-Baptiste Rigaud

Microcontrollers storing valuable data or using security functions are vulnerable to fault injection attacks. Among the various types of faults, instruction skips induced at runtime proved to be effective against identification routines or encryption algorithms. Several research works assessed a fault model that consists in a single instruction skip, i.e....More>>

Saving Private Addresses: An Analysis of Privacy Issues in the Bluetooth-Low-Energy Advertising Mechanism

Guillaume Celosia, Mathieu Cunche

The Bluetooth Low Energy (BLE) protocol is being included in a growing number of connected objects such as fitness trackers and headphones. As part of the service discovery mechanism of BLE, devices announce themselves by broadcasting radio signals called advertisement packets that can be collected with off-the-shelf hardware and software....More>>

Domains: Bluetooth, Low, Energy, Privacy, Tracking, Address, randomization.

Fingerprinting Bluetooth-Low-Energy Devices Based on the Generic Attribute Profile

Guillaume Celosia, Mathieu Cunche

Bluetooth Low Energy (BLE) is a short range wireless technology included in many consumer devices such as smartphones, earphones and wristbands. As part of the Attribute (ATT) protocol, discover- able BLE devices expose a data structure called Generic Attribute (GATT) profile that describes supported features using concepts of services and...More>>

Automated Security Analysis of IoT Software Updates

Nicolas Dejon, Davide Caputo, Luca Verderame, Alessandro Armando and Alessio Merlo

IoT devices often operate unsupervised in ever-changing environments for several years. Therefore, they need to be updated on a regular basis. Current approaches for software updates on IoT, like the recent SUIT proposal, focus on granting integrity and confidentiality but do not analyze the content of the software update, especially...More>>

Domains: IoT

TSNSCHED: Automated Schedule Generation for Time Sensitive Networking

Aellison Cassimiro T. dos Santos, Ben Schneider and Vivek Nigam

Time Sensitive Networking (TSN) is a set of standards enabling high performance deterministic communication using different scheduling mechanisms. Due to the size of industrial networks, configuring TSN networks is challenging to be done manually. We present TSNsched, a tool for automatic generation of schedules for TSN. TSNsched takes as input...More>>

The Feasibility of Deep Learning Use for Adversarial Model Extraction in the Cybersecurity Domain

Michał Choraś, Marek Pawlicki, Rafał Kozik

Machine learning algorithms found their way into a surprisingly wide range of applications, providing utility and allowing for insights gathered from data in a way never before possible. Those tools, however, have not been developed with security in mind. A deployed algorithm can meet a multitude of risks in the...More>>

On Computer - Aided Techniques for Supporting Safety and Security Co-Engineering

Vivek Nigam, Antonaneta Kondeva, Carmen Carlan and Harald Ruess

With the increasing system interconnectivity, cyber-attacks on safety-critical systems can lead to catastrophic events.This calls for a better safety and security integration. Indeed, asafety assessment contains security relevant information, such as,key safety hazards, that shall not be triggered by cyber-attacks.Guidelines, such as, SAE J3061 and ED202A, already recommendto exchange information...More>>

Domains: safety, security, co-engineering, ED202A, at-tack, trees, FTA

Security Risk Management in Cooperative Intelligent Transportation Systems: A Systematic Literature Review

Abasi-amefon O. Affia, Raimundas Matulevičius, Alexander Nolte

Automotive industries are maximizing cooperative interactions between vehicular sensors and infrastructure components to make intelligent decisions in its application (i.e traffic management, naviga- tion, or autonomous driving services). This cooperative behaviour also extends to security. With more connected and cooperative components of vehicular intelligent transportation systems (ITS), the possibility of...More>>

Domains: test, automotive

Privacy-preserving and yet Robust Collaborative Filtering Recommender as a Service

Qiang Tang

Collaborative filtering recommenders provide effective personalization services at the cost of sacrificing the privacy of their end users. Due to the increasing concerns from the society and stricter privacy regulations, it is an urgent research challenge to design privacy-preserving and yet robust recommenders which offer recommendation services to privacy-aware users....More>>

Domains: privacy